Commit graph

7 commits

Author SHA1 Message Date
Adrià Casajús
d874acfe2c
Fix: Add CSRF validation to api key management page (#1523)
* Fix: Add CSRF validation to api key management page

* Added csrf to subdomain creation

* Added CSRF to totp cancel

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2023-01-12 12:34:47 +01:00
Son
372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son NK
1f0ef13ff2 do not require user to re-enter TOTP code when cancelling TOTP 2020-08-05 12:30:56 +02:00
devStorm
f79eb90d2a
sudo mode 2020-05-18 02:14:40 -07:00
Son NK
043ecd4fac redirect user to recovery codes page after MFA setup. Remove all recovery codes when user is no more MFA. 2020-05-17 10:11:38 +02:00
Son NK
b51ed259b4 fix cancel MFA: the secret needs to be reset too 2019-12-29 15:32:27 +01:00
Son NK
76eec998ea User who has enabled MFA can cancel MFA 2019-12-29 15:10:40 +01:00