forgejo/models
Gusted 4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
..
actions feat(cli): allow updates to runners' secrets 2024-07-22 11:55:43 +02:00
activities Fix web notification icon not updated once you read all notifications (#31447) 2024-06-29 07:33:37 +02:00
admin
asymkey [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
auth allow synchronizing user status from OAuth2 login providers (#31572) 2024-07-22 15:44:13 +02:00
avatars Replace 10 more gt- classes with tw- (#29945) 2024-03-26 19:04:27 +01:00
db Enable multiStatements for MySQL 2024-07-16 23:16:03 +02:00
dbfs Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
fixtures feat(cli): add --keep-labels flag to forgejo actions register (#4610) 2024-07-22 07:33:45 +00:00
forgefed enhance test & fix reviews 2024-05-14 08:24:31 +02:00
forgejo/semver
forgejo_migrations [CHORE] Move test related function to own package 2024-07-14 17:00:49 +02:00
git Add tag protection via rest api #17862 (#31295) 2024-06-16 13:42:59 +02:00
issues [PORT] Added default sorting milestones by name (gitea#27084) 2024-07-22 14:55:58 +02:00
migrations Upgrade xorm to v1.3.9 and improve some migrations Sync (#29899) 2024-07-22 15:44:13 +02:00
organization Resolve lint for unused parameter and unnecessary type arguments (#30750) 2024-05-05 08:38:16 +01:00
packages Fix package list performance (#30520) 2024-04-21 16:28:16 +02:00
perm Users with read permission of pull requests can be assigned too (#27263) 2024-02-26 22:30:27 +01:00
project Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
pull
repo Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00
secret Make runs-on support variable expression (#29468) 2024-03-11 23:36:59 +07:00
shared/types
system
unit Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
unittest [CHORE] Remove Microsoft SQL Server Support 2024-04-05 23:37:36 +02:00
user [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
webhook webhook: sourcehut_builds: ask for access_token instead of authorization_header 2024-04-16 08:59:55 +02:00
error.go
fixture_generation.go
fixture_test.go
main_test.go
org.go
org_team.go
org_team_test.go
org_test.go
repo.go
repo_test.go
repo_transfer.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-28 15:39:00 +02:00
repo_transfer_test.go