Tim Düsterhus [Wed, 25 Nov 2020 17:40:53 +0000 (18:40 +0100)]
Merge pull request #3759 from WoltLab/mfa-pending-expire
Expire pending user changes after 15 minutes
Tim Düsterhus [Wed, 25 Nov 2020 17:39:53 +0000 (18:39 +0100)]
Replace 'Multi-Factor' by 'Multi-factor'
titlecase.com says that it should be 'Multi-factor' with a lowercase 'f'.
Tim Düsterhus [Wed, 25 Nov 2020 17:24:37 +0000 (18:24 +0100)]
Expire pending user changes after 15 minutes
15 minutes should be plenty of time for the user to complete the MF
authentication flow. A user is not going to sit patiently for 15 minutes
without simply closing the browser window which de facto forces them to start
anew, because nothing leads back to the MF authentication flow except
performing yet another login.
Email codes are the only (default) method that could be slow without the user
being able to do anything about it (e.g. due to greylisting). These codes
already expire after 10 minutes, giving an implicit upper bound (when ignoring
the fact that a new code will be sent every 2 minutes during refreshing).
Tim Düsterhus [Wed, 25 Nov 2020 16:47:37 +0000 (17:47 +0100)]
Add __multifactorAuthenticationLoginAs to syncTemplates.json
Tim Düsterhus [Wed, 25 Nov 2020 16:44:03 +0000 (17:44 +0100)]
Fix typo in de.xml
Tim Düsterhus [Wed, 25 Nov 2020 16:43:31 +0000 (17:43 +0100)]
Remove obsolete phrases used in the MF authentication process
Tim Düsterhus [Wed, 25 Nov 2020 16:40:50 +0000 (17:40 +0100)]
Add explanatory texts to backup MF method (#3754)
* Add explanatory texts to backup MF method
* Improve phrasing of MF backup explanations
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
Tim Düsterhus [Wed, 25 Nov 2020 16:39:06 +0000 (17:39 +0100)]
Add explanatory texts to email MF method (#3755)
Tim Düsterhus [Wed, 25 Nov 2020 16:38:10 +0000 (17:38 +0100)]
Send a notification email when MFA is enabled (#3756)
Alexander Ebert [Wed, 25 Nov 2020 14:24:23 +0000 (15:24 +0100)]
Removed the obsolete 2fa abort form
Alexander Ebert [Wed, 25 Nov 2020 14:21:46 +0000 (15:21 +0100)]
Separate form element for the login username
Alexander Ebert [Wed, 25 Nov 2020 12:13:54 +0000 (13:13 +0100)]
Merge branch 'mfa-meta' of https://github.com/WoltLab/WCF into mfa-meta
Alexander Ebert [Wed, 25 Nov 2020 12:13:52 +0000 (13:13 +0100)]
Overhauled the layout of the 2fa authentication page
Tim Düsterhus [Wed, 25 Nov 2020 10:08:28 +0000 (11:08 +0100)]
Explain the choice of the backup code parameters
Tim Düsterhus [Wed, 25 Nov 2020 09:35:15 +0000 (10:35 +0100)]
Fix typo in en.xml
Alexander Ebert [Tue, 24 Nov 2020 18:36:50 +0000 (19:36 +0100)]
Merge branch 'master' into mfa-meta
Alexander Ebert [Tue, 24 Nov 2020 18:35:44 +0000 (19:35 +0100)]
Updated the `package-lock.json`
The old version was outdated and prevented the `node_modules/.bin` from being created after running `npm i`
Alexander Ebert [Tue, 24 Nov 2020 17:34:49 +0000 (18:34 +0100)]
Merge branch 'master' into mfa-meta
Alexander Ebert [Tue, 24 Nov 2020 17:33:25 +0000 (18:33 +0100)]
Merge branch '5.3'
Alexander Ebert [Tue, 24 Nov 2020 17:28:30 +0000 (18:28 +0100)]
Minor visual updates
Tim Düsterhus [Tue, 24 Nov 2020 15:13:19 +0000 (16:13 +0100)]
Merge pull request #3749 from WoltLab/mfa-backup-email
Add email notification when using a backup code
Tim Düsterhus [Tue, 24 Nov 2020 14:58:34 +0000 (15:58 +0100)]
Merge pull request #3750 from WoltLab/emogrifier-5.0
Update pelago/emogrifier to 5.0
Tim Düsterhus [Tue, 24 Nov 2020 14:45:28 +0000 (15:45 +0100)]
Update pelago/emogrifier to 5.0
Tim Düsterhus [Tue, 24 Nov 2020 13:21:54 +0000 (14:21 +0100)]
Add email notification when using a backup code
Joshua Rüsweg [Tue, 24 Nov 2020 11:03:51 +0000 (12:03 +0100)]
Merge pull request #3746 from WoltLab/mfa-conditions
Integrate multi-factor authentication into the condition system
joshuaruesweg [Mon, 23 Nov 2020 17:05:51 +0000 (18:05 +0100)]
Rename condition to `multifactorActive`
Tim Düsterhus [Tue, 24 Nov 2020 10:33:39 +0000 (11:33 +0100)]
Fix typo in PHPDoc in \wcf\system\multifactor\totp\Totp
Tim Düsterhus [Mon, 23 Nov 2020 15:57:40 +0000 (16:57 +0100)]
Add multi-factor foreign keys to update_com.woltlab.wcf_5.4_db.php
Tim Düsterhus [Mon, 23 Nov 2020 15:55:18 +0000 (16:55 +0100)]
Add wcf1_user_multifactor_email to update_com.woltlab.wcf_5.4_db.php
Tim Düsterhus [Mon, 23 Nov 2020 15:53:29 +0000 (16:53 +0100)]
Add missing usage of fully qualified function names for email MFA
Alexander Ebert [Mon, 23 Nov 2020 15:38:18 +0000 (16:38 +0100)]
Release 5.3.1
Alexander Ebert [Mon, 23 Nov 2020 15:34:03 +0000 (16:34 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Mon, 23 Nov 2020 15:11:56 +0000 (16:11 +0100)]
Missing check for empty object ids
Alexander Ebert [Mon, 23 Nov 2020 14:55:09 +0000 (15:55 +0100)]
Merge branch '5.2' into 5.3
Marcel Werk [Mon, 23 Nov 2020 14:19:48 +0000 (15:19 +0100)]
randomized sort order of related articles
Marcel Werk [Mon, 23 Nov 2020 14:19:02 +0000 (15:19 +0100)]
Changed related articles to new layout
Alexander Ebert [Mon, 23 Nov 2020 13:43:06 +0000 (14:43 +0100)]
Release 5.2.10
Alexander Ebert [Mon, 23 Nov 2020 13:36:42 +0000 (14:36 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Mon, 23 Nov 2020 13:29:11 +0000 (14:29 +0100)]
Release 3.1.18
Tim Düsterhus [Mon, 23 Nov 2020 11:45:43 +0000 (12:45 +0100)]
Deprecated PreparedStatement::fetchList()
Resolves #3742
Alexander Ebert [Mon, 23 Nov 2020 11:30:45 +0000 (12:30 +0100)]
Use modified package servers when running in enterprise mode
Tim Düsterhus [Mon, 23 Nov 2020 10:36:46 +0000 (11:36 +0100)]
Merge branch '5.3'
- Dropped update_com.woltlab.wcf_5.3_orphanedComments.php
- Replaced ts/WoltLabSuite/Core/Acp/Ui/Option/EmailSmtpTest.js with the file
from 5.3, replacing WCF_CLICK_EVENT with 'click' and regenerated the compiled
JavaScript.
- Manually applied
4ac5f76b4ee5804919a832729a7ab384ea9d9a4d to the already
converted WoltLabSuite/Core/Ui/Screen.ts
Tim Düsterhus [Mon, 23 Nov 2020 08:31:54 +0000 (09:31 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Mon, 23 Nov 2020 08:27:54 +0000 (09:27 +0100)]
Whitelist `iterator_count` in enterprise mode
Tim Düsterhus [Mon, 23 Nov 2020 08:10:25 +0000 (09:10 +0100)]
Merge pull request #3738 from WoltLab/emogrifier-4.0
Update to Emogrifier 4.0
Alexander Ebert [Sun, 22 Nov 2020 17:36:43 +0000 (18:36 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Sun, 22 Nov 2020 17:31:49 +0000 (18:31 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Sun, 22 Nov 2020 16:58:44 +0000 (17:58 +0100)]
Merge pull request #3744 from Krymonota/patch-18
Add missing JSDoc to `EmailSmtpTest`
Alexander Ebert [Sun, 22 Nov 2020 16:58:12 +0000 (17:58 +0100)]
Merge pull request #3745 from Krymonota/patch-19
Fix JSDoc module typo in `RewriteGenerator`
joshuaruesweg [Sun, 22 Nov 2020 11:03:34 +0000 (12:03 +0100)]
Add usesMultifactor condition for user search in acp
joshuaruesweg [Sun, 22 Nov 2020 10:37:45 +0000 (11:37 +0100)]
Add usesMultifactor condition for notices
joshuaruesweg [Sun, 22 Nov 2020 10:25:57 +0000 (11:25 +0100)]
Add `$multifactorActive` property for user dbo
joshuaruesweg [Sat, 21 Nov 2020 21:00:14 +0000 (22:00 +0100)]
Merge branch '5.2' into 5.3
joshuaruesweg [Sat, 21 Nov 2020 20:56:27 +0000 (21:56 +0100)]
Fix point calculation for removing reactions from an object
Alexander Ebert [Sat, 21 Nov 2020 18:59:08 +0000 (19:59 +0100)]
Release 5.3.1
Niklas [Sat, 21 Nov 2020 18:41:47 +0000 (19:41 +0100)]
Fix JSDoc module typo in `RewriteGenerator`
Niklas [Sat, 21 Nov 2020 18:39:56 +0000 (19:39 +0100)]
Add missing JSDoc to `EmailSmtpTest`
Alexander Ebert [Sat, 21 Nov 2020 18:36:16 +0000 (19:36 +0100)]
Force the removal of orphaned comments during the upgrade
WoltLab [Fri, 20 Nov 2020 19:11:59 +0000 (19:11 +0000)]
Updating minified JavaScript files
Alexander Ebert [Fri, 20 Nov 2020 19:08:26 +0000 (20:08 +0100)]
Merge branch '5.2' into 5.3
WoltLab [Fri, 20 Nov 2020 19:03:30 +0000 (19:03 +0000)]
Updating minified JavaScript files
Alexander Ebert [Fri, 20 Nov 2020 18:59:24 +0000 (19:59 +0100)]
Merge branch '3.1' into 5.2
WoltLab [Fri, 20 Nov 2020 18:06:23 +0000 (18:06 +0000)]
Updating minified JavaScript files
Alexander Ebert [Fri, 20 Nov 2020 17:39:33 +0000 (18:39 +0100)]
Workaround for a Chromium bug on Windows
Alexander Ebert [Fri, 20 Nov 2020 16:16:19 +0000 (17:16 +0100)]
Verbose style compatibility for 5.2/5.3
Fixes #3737
Tim Düsterhus [Fri, 20 Nov 2020 14:39:11 +0000 (15:39 +0100)]
Merge pull request #3743 from WoltLab/mfa-disable
Support disabling the multi-factor authentication
Tim Düsterhus [Fri, 20 Nov 2020 14:25:47 +0000 (15:25 +0100)]
Support disabling the multi-factor authentication
Tim Düsterhus [Fri, 20 Nov 2020 12:39:50 +0000 (13:39 +0100)]
Use U+2022 to black out backup code trailers
Alexander Ebert [Fri, 20 Nov 2020 12:38:01 +0000 (13:38 +0100)]
Permit images uploaded as media to be wrapped in a link
Tim Düsterhus [Fri, 20 Nov 2020 10:29:25 +0000 (11:29 +0100)]
Merge branch 'master' into mfa-meta
For the bug fix in the email templates.
Tim Düsterhus [Fri, 20 Nov 2020 10:23:22 +0000 (11:23 +0100)]
Merge branch '5.3'
- Dropped update_com.woltlab.wcf_5.2.10_orphanedComments.php
- Replaced ts/WoltLabSuite/Core/Acp/Ui/Article/InlineEditor.js with the file
from 5.3, replacing WCF_CLICK_EVENT with 'click' and regenerated the compiled
JavaScript.
Tim Düsterhus [Fri, 20 Nov 2020 10:19:32 +0000 (11:19 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Fri, 20 Nov 2020 09:24:35 +0000 (10:24 +0100)]
Merge pull request #3732 from WoltLab/mfa-acp
Support multi-factor authentication within ACP
Tim Düsterhus [Thu, 19 Nov 2020 15:56:29 +0000 (16:56 +0100)]
Make the MF authentication controller for ACP inherit from the frontend ones
Tim Düsterhus [Wed, 18 Nov 2020 15:02:35 +0000 (16:02 +0100)]
Support multi-factor authentication within ACP
Alexander Ebert [Thu, 19 Nov 2020 18:24:52 +0000 (19:24 +0100)]
Clean up comments when removing moderation queues (#3740)
* Delete comments when moderation queues are being removed
See #3707
* Clean-up script for orphaned comments
* Use the `CommentHandler` to remove comments
* Apply suggestions from code review
Co-authored-by: Tim Düsterhus <duesterhus@woltlab.com>
Co-authored-by: Tim Düsterhus <duesterhus@woltlab.com>
Marcel Werk [Thu, 19 Nov 2020 18:02:23 +0000 (19:02 +0100)]
Enabled three column layout for boxes top / bottom
Alexander Ebert [Thu, 19 Nov 2020 15:56:12 +0000 (16:56 +0100)]
Skip DOM updates when the article is not present
Tim Düsterhus [Thu, 19 Nov 2020 15:24:51 +0000 (16:24 +0100)]
Merge branch '5.3'
- Dropped update_com.woltlab.wcf_5.3_style.php which is not required.
- Replaced ts/WoltLabSuite/Core/Media/Editor.js with the file from 5.3,
replacing WCF_CLICK_EVENT with 'click' and regenerated the compiled
JavaScript.
Tim Düsterhus [Thu, 19 Nov 2020 15:17:08 +0000 (16:17 +0100)]
Merge pull request #3739 from WoltLab/fix-style-preview
Fix style preview images when upgrading from 5.2
Tim Düsterhus [Thu, 19 Nov 2020 15:09:29 +0000 (16:09 +0100)]
Fix style preview images when upgrading from 5.2
Tim Düsterhus [Thu, 19 Nov 2020 14:51:18 +0000 (15:51 +0100)]
Merge pull request #3736 from WoltLab/mfa-method-description
Add descriptions to the account security page
Tim Düsterhus [Thu, 19 Nov 2020 14:48:27 +0000 (15:48 +0100)]
Improve phrasing of TOTP description
Remove the adjective "free".
Co-authored-by: Joshua Rüsweg <ruesweg@woltlab.com>
Marcel Werk [Thu, 19 Nov 2020 14:27:41 +0000 (15:27 +0100)]
Fixed html in acp search results
Tim Düsterhus [Thu, 19 Nov 2020 13:30:56 +0000 (14:30 +0100)]
Adjust RecipientAwareTextMimePart for Emogrifier 4.0
Tim Düsterhus [Thu, 19 Nov 2020 13:30:40 +0000 (14:30 +0100)]
Update pelago/emogrifier to 4.0
Tim Düsterhus [Thu, 19 Nov 2020 13:18:04 +0000 (14:18 +0100)]
Add note about the email_html.tpl update to package.xml
Tim Düsterhus [Thu, 19 Nov 2020 13:13:46 +0000 (14:13 +0100)]
Merge branch '5.2' into 5.3
Tim Düsterhus [Thu, 19 Nov 2020 13:06:01 +0000 (14:06 +0100)]
Replace the selector for the font-family in email_html.tpl
The Emogrifier version used in 5.2 does not fully support all features
of the `:not()` selector. Depending on the environment the use of
`:not()` results in slightly different output. Specifically the number
of `:not()`s chained there caused the result to have a very large
specificity, possibly overriding the font-size of the headline tags.
Use `body, body *` instead, it will not put any useless CSS onto heading
tags and still catch all relevant elements. The biggest difference is
that the `<br>` tag will carry a `font-family` and `font-size`.
Tim Düsterhus [Thu, 19 Nov 2020 10:42:02 +0000 (11:42 +0100)]
Sort enabled MFA methods to the top in AccountSecurityPage
Tim Düsterhus [Thu, 19 Nov 2020 10:39:18 +0000 (11:39 +0100)]
Tim Düsterhus [Thu, 19 Nov 2020 09:11:08 +0000 (10:11 +0100)]
Add description to the list of active sessions
Tim Düsterhus [Thu, 19 Nov 2020 09:04:04 +0000 (10:04 +0100)]
Add a general MFA description
Tim Düsterhus [Thu, 19 Nov 2020 09:00:55 +0000 (10:00 +0100)]
Add description for MFA methods
Alexander Ebert [Wed, 18 Nov 2020 19:02:11 +0000 (20:02 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Wed, 18 Nov 2020 19:01:46 +0000 (20:01 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Wed, 18 Nov 2020 19:00:04 +0000 (20:00 +0100)]
Mutable variable access inside a callback
Matthias Schmidt [Wed, 18 Nov 2020 16:32:58 +0000 (17:32 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Wed, 18 Nov 2020 16:32:41 +0000 (17:32 +0100)]
Merge branch '3.1' into 5.2
Matthias Schmidt [Wed, 18 Nov 2020 16:32:21 +0000 (17:32 +0100)]
Fix ACL buttons when editing media files successively
Replaces
3a7740a3704339c79d08fd2f5094fa1a1973318b by backporting and using parts of
6ee58cd2865980cd7fa16a1f3ebc660131fc7fd6.
projects / GitHub / WoltLab / WCF.git / log