1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-30 15:42:41 +01:00
BookStack/app/Http/Controllers/Auth
Dan Brown 88e6f93abf
Prevented auto-login from direct email confirmation actions
Was done for convenience but could potentially be exploited by an
attacker using signing up via one of these routes, then forwarding
an email confirmation to another user so they unknowingly utilise
an account someone else controls.

Tweaks the flow of confirming email, and the user invite flow.

For #3050
2021-11-15 10:50:28 +00:00
..
ConfirmEmailController.php Prevented auto-login from direct email confirmation actions 2021-11-15 10:50:28 +00:00
ForgotPasswordController.php Applied styleci changes 2021-11-05 00:28:41 +00:00
HandlesPartialLogins.php Apply fixes from StyleCI 2021-08-21 14:49:40 +00:00
LoginController.php Standardised laravel validation to be array based 2021-11-05 00:26:55 +00:00
MfaBackupCodesController.php Standardised laravel validation to be array based 2021-11-05 00:26:55 +00:00
MfaController.php Apply fixes from StyleCI 2021-08-21 14:49:40 +00:00
MfaTotpController.php Fixed guest user email showing in TOTP setup url 2021-10-14 18:02:16 +01:00
OidcController.php Applied latest styles changes from style CI 2021-10-16 16:01:59 +01:00
RegisterController.php Standardised laravel validation to be array based 2021-11-05 00:26:55 +00:00
ResetPasswordController.php Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00
Saml2Controller.php Changed logout routes to POST instead of GET 2021-11-14 21:13:24 +00:00
SocialController.php Apply fixes from StyleCI 2021-08-21 14:49:40 +00:00
UserInviteController.php Prevented auto-login from direct email confirmation actions 2021-11-15 10:50:28 +00:00