Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify password for local-account activation #13631

Merged
merged 18 commits into from
Nov 28, 2020
Merged

Verify password for local-account activation #13631

merged 18 commits into from
Nov 28, 2020

Conversation

6543
Copy link
Member

@6543 6543 commented Nov 19, 2020

@ashimokawa @6543
Verify passwords for activation
2720e1b 
This is to prevent 3rd party activation
@6543 6543 changed the title Verify passwords for activation Verify passwords for account activation Nov 19, 2020
@6543 6543 added this to the 1.14.0 milestone Nov 19, 2020
@6543 6543 added type/enhancement An improvement of existing functionality topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! labels Nov 19, 2020
@gary-kim
Copy link
Member

@6543 Mind taking a look at the linter error?

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 19, 2020
lafriks
lafriks reviewed Nov 19, 2020
View reviewed changes
models/user.go Outdated Show resolved Hide resolved
@codecov-io
Copy link

codecov-io commented Nov 19, 2020
edited
Loading

Codecov Report

Merging #13631 (991f1a7) into master (9c26dc1) will decrease coverage by 0.01%.
The diff coverage is 2.85%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #13631      +/-   ##
==========================================
- Coverage   42.22%   42.21%   -0.02%     
==========================================
  Files         698      698              
  Lines       76872    76884      +12     
==========================================
- Hits        32462    32458       -4     
- Misses      39060    39074      +14     
- Partials     5350     5352       +2
Impacted Files Coverage Δ
routers/user/auth.go 12.04% <0.00%> (-0.15%) ⬇️
modules/repository/init.go 41.53% <50.00%> (ø)
modules/util/timer.go 42.85% <0.00%> (-42.86%) ⬇️
modules/indexer/stats/queue.go 64.70% <0.00%> (-11.77%) ⬇️
modules/indexer/stats/db.go 43.47% <0.00%> (-8.70%) ⬇️
modules/charset/charset.go 68.53% <0.00%> (-4.50%) ⬇️
modules/queue/workerpool.go 58.77% <0.00%> (-3.27%) ⬇️
services/pull/temp_repo.go 26.59% <0.00%> (-3.20%) ⬇️
services/pull/patch.go 53.97% <0.00%> (-1.71%) ⬇️
modules/log/file.go 73.60% <0.00%> (-1.61%) ⬇️
... and 12 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4f82a0b...991f1a7. Read the comment docs.

@6543
Copy link
Member Author

6543 commented Nov 19, 2020

@gary-kim lafriks fixed it for us :) - ready for a look again

@zeripath
Copy link
Contributor

Does account activation possibly occur with OAUTH2 based users?

@6543 6543 added the pr/wip This PR is not ready for review label Nov 19, 2020
@6543 6543 removed the pr/wip This PR is not ready for review label Nov 19, 2020
@6543 6543 changed the title Verify passwords for account activation Verify passwords for local-account activation Nov 19, 2020
@6543 6543 changed the title Verify passwords for local-account activation Verify password for local-account activation Nov 19, 2020
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 27, 2020
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 28, 2020
@techknowlogick
Copy link
Member

🚀

@techknowlogick techknowlogick merged commit 0f14f69 into go-gitea:master Nov 28, 2020
@6543 6543 deleted the verify-password-for-account-activation branch November 28, 2020 22:41
@go-gitea go-gitea locked and limited conversation to collaborators Jan 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lafriks lafriks lafriks left review comments

@silverwind silverwind silverwind approved these changes

@zeripath zeripath zeripath approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
1.14.0
Development

Successfully merging this pull request may close these issues.
9 participants
@6543 @gary-kim @codecov-io @zeripath @techknowlogick @silverwind @lafriks @GiteaBot @ashimokawa