mastodon/app/views
Claire bddd9ba36d
Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-23 15:52:58 +01:00
..
about Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
accounts Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
admin Add post edited notice in admin and public UIs (#17335) 2022-01-20 13:37:31 +01:00
admin_mailer Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
application Add trending links (#16917) 2021-11-25 13:07:38 +01:00
auth Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
authorize_interactions Fix misleading error when attempting to re-send a pending follow request (#13133) 2020-02-24 21:19:19 +01:00
directories Change number_to_human calls to always use 3-digits precision (#16469) 2021-07-07 21:13:08 +02:00
errors Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
filters Fix not being able to change world filter expiration back to “Never” (#15858) 2021-03-12 05:25:50 +01:00
follower_accounts
following_accounts
home Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
invites Remove invite comments from UI (#12068) 2019-10-03 22:37:13 +02:00
kaminari
layouts Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
media Fix error when trying to render component for media without meta (#16112) 2021-05-05 21:16:55 +02:00
notification_mailer Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
oauth Refactor settings controllers (#14767) 2020-09-11 20:56:35 +02:00
public_timelines Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
relationships Change number_to_human calls to always use 3-digits precision (#16469) 2021-07-07 21:13:08 +02:00
remote_follow
remote_interaction Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
settings Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
shared Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
shares Add subresource integrity for JS and CSS assets (#15096) 2020-11-06 11:56:31 +01:00
statuses Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 2022-01-23 15:52:58 +01:00
statuses_cleanup Add feature to automatically delete old toots (#16529) 2021-08-09 23:11:50 +02:00
tags Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
user_mailer Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
well_known/host_meta Remove dependency on goldfinger gem (#14919) 2020-10-08 00:34:57 +02:00