colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bookstack/tests/Auth
History
Dan Brown 5632fef621
Auth: Added specific guards against guest account login 
Hardened things to enforce the intent that the guest account should not
be used for logins.
Currently this would not be allowed due to empty set password, and no
password fields on user edit forms, but an error could occur if the
login was attempted.

This adds:
- Handling to show normal invalid user warning on login instead of a
  hash check error.
- Prevention of guest user via main login route, in the event that
  inventive workarounds would be used by admins to set a password for
  this account.
- Test for guest user login.
 		2024-12-11 14:22:48 +00:00
..
AuthTest.php Auth: Added specific guards against guest account login 2024-12-11 14:22:48 +00:00
GroupSyncServiceTest.php
LdapTest.php LDAP: Review and testing of mulitple-display-name attr support 2024-12-01 18:42:54 +00:00
LoginAutoInitiateTest.php
MfaConfigurationTest.php
MfaVerificationTest.php
OidcTest.php OIDC: Added extra userinfo content-type normalisation and test 2024-11-28 16:58:06 +00:00
RegistrationTest.php Auth: Changed email confirmations to use login attempt user 2024-05-20 17:23:15 +01:00
ResetPasswordTest.php Routes: Added throttling to a range of auth-related endpoints 2024-05-20 14:00:58 +01:00
Saml2Test.php
SocialAuthTest.php
UserInviteTest.php Routes: Added throttling to a range of auth-related endpoints 2024-05-20 14:00:58 +01:00