delta/gitlab/gitlab-ce.git/app/controllers/passwords_controller.rb, branch remove-commit-tree gitlab.com: gitlab-org/gitlab-ce.git Allow logged in user to change his password 2018-01-01T00:59:07+00:00 Rubén Dávila ruben@gitlab.com 2017-12-31T05:08:15+00:00 6304fe44ec9b034917201db2e1bacb83d82cdeae Users were unable to change their password through the "Reset password" link that was sent to their email if they were logged in. This is due to a default controller filter from Devise that requires the user to not be logged in in order to use this link. 
Users were unable to change their password through the "Reset password"
link that was sent to their email if they were logged in. This is due to
a default controller filter from Devise that requires the user to not be
logged in in order to use this link.
Allow password authentication to be disabled entirely 2017-11-23T13:16:14+00:00 Markus Koller markus-koller@gmx.ch 2017-11-23T13:16:14+00:00 257fd5713485a05460a9170190100643199a7e48 






Rollsback changes made to signing_enabled.
2017-09-01T09:51:40+00:00

Tiago Botelho
tiagonbotelho@hotmail.com

2017-08-31T10:21:40+00:00

37383d9a9d9706008a7fa1d90079cb019681094b












Fixes needed when GitLab sign-in is not enabled
2017-07-13T14:08:27+00:00

Robin Bobbitt
ryehle@us.ibm.com

2017-06-27T18:02:09+00:00

672a68d3724bcae676d18244c85566e7d664a169

When sign-in is disabled:
 - skip password expiration checks
 - prevent password reset requests
 - don’t show Password tab in User Settings
 - don’t allow login with username/password for Git over HTTP requests
 - render 404 on requests to Profiles::PasswordsController





When sign-in is disabled:
 - skip password expiration checks
 - prevent password reset requests
 - don’t show Password tab in User Settings
 - don’t allow login with username/password for Git over HTTP requests
 - render 404 on requests to Profiles::PasswordsController







Allow the initial admin to set a password
2016-03-04T22:37:57+00:00

Robert Speicher
rspeicher@gmail.com

2016-03-02T22:48:49+00:00

599a6d78737237e806dcfe0105b8b81dc696b71f

Closes #1980





Closes #1980







Use devise paranoid mode and ensure the same message is returned every time
2015-12-10T00:40:37+00:00

Drew Blessing
drew@gitlab.com

2015-12-09T17:45:26+00:00

f4ec906e90b2f8dbf18b359b773e3b31f5da89ff

Skipped CI because it has already passed. Had to rebase due to CHANGELOG.





Skipped CI because it has already passed. Had to rebase due to CHANGELOG.







Refactor PasswordsController to use before_actions
2015-10-02T01:47:27+00:00

Robert Speicher
rspeicher@gmail.com

2015-10-02T01:47:27+00:00

b8ff38b1d47e4323f799b593b95821ed4a8c11f7












Only allow password reset emails once per minute
2015-09-30T19:38:21+00:00

Robert Speicher
rspeicher@gmail.com

2015-09-30T19:38:21+00:00

292bca0546c59b9816c696371cd9bbf04ba19fb2

Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2611





Addresses internal https://dev.gitlab.org/gitlab/gitlabhq/issues/2611







Take advantage of `Devise.sign_in_after_reset_password`
2015-09-30T18:35:00+00:00

Robert Speicher
rspeicher@gmail.com

2015-09-30T18:35:00+00:00

3a4274e19e1a1fbc23fb5fe0d6101ad62099aadb












Use User#two_factor_enabled instead of otp_required_for_login
2015-06-19T19:14:37+00:00

Robert Speicher
rspeicher@gmail.com

2015-06-19T19:14:37+00:00

b6318297fc93ab26108c586af9d34c16fc783589