Merge branch 'auth-improvements' into 'develop'
Cookie auth rework / Auth subsystem refactoring and tweaks Closes pleroma/secteam/pleroma#3 See merge request pleroma/pleroma!3112
This commit is contained in:
lain
commit
477c6c8e55
45 changed files with 974 additions and 791 deletions
|
|
@ -25,6 +25,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- The site title is now injected as a `title` tag like preloads or metadata.
|
||||
- Password reset tokens now are not accepted after a certain age.
|
||||
- Mix tasks to help with displaying and removing ConfigDB entries. See `mix pleroma.config`
|
||||
- OAuth form improvements: users are remembered by their cookie, the CSS is overridable by the admin, and the style has been improved.
|
||||
- OAuth improvements and fixes: more secure session-based authentication (by token that could be revoked anytime), ability to revoke belonging OAuth token from any client etc.
|
||||
|
||||
<details>
|
||||
<summary>API Changes</summary>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue