mirror of
1
Fork 0
forgejo/tests
Gusted 4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
..
e2e [CHORE] Add playwright eslint plugin 2024-07-22 20:03:32 +02:00
fuzz Rework markup link rendering (#26745) 2024-01-15 08:49:24 +00:00
gitea-lfs-meta Test views of LFS files (#22196) 2022-12-23 07:41:56 +08:00
gitea-repositories-meta Add support for workflow_dispatch (#3334) 2024-06-28 05:17:11 +00:00
integration [SECURITY] Notify users about account security changes 2024-07-23 18:31:47 +02:00
testdata/data/attachments/a/0 Allow get release download files and lfs files with oauth2 token format (#26430) 2023-10-01 10:41:52 +00:00
mysql.ini.tmpl Update instance title in tests 2024-06-08 23:33:55 +05:00
pgsql.ini.tmpl Update instance title in tests 2024-06-08 23:33:55 +05:00
sqlite.ini.tmpl Update instance title in tests 2024-06-08 23:33:55 +05:00
test_utils.go Enable multiStatements for MySQL 2024-07-16 23:16:03 +02:00