Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-29 09:16:48 +01:00
Code Issues Packages Projects Releases Activity
4,290 Commits 13 Branches 239 Tags
1acb94e85744589877484a13af715394b3558bd2
Commit Graph

5 Commits

Author SHA1 Message Date
Matias Griese
1acb94e857 Fixed error message when user clicks logout link after his session has been expired 2021-04-13 10:16:17 +03:00
Matias Griese
9108a4a85f Fixed broken 2FA login when site is not configured to use Flex Users [#2109] 2021-04-08 10:56:18 +03:00
Matias Griese
9fca08ab43 Regression: Fixed broken 2FA form [#2109] 2021-04-07 14:14:04 +03:00
Matias Griese
58e2c6cc55 Change nonce expiration message 2021-03-31 11:48:15 +03:00
Matias Griese
aa4f80eec1 Greatly improve login related actions for Admin 
* Better isolate admin to prevent session related vulnerabilities
* Removed support for custom login redirects for improved security
* Shorten forgot password link lifetime from 7 days to 1 hour
* Fixed login related pages being accessible from admin when user has logged in
* Fixed admin user creation and password reset allowing unsafe passwords
* Fixed missing validation when registering the first admin user
* Fixed reset password email not to have session specific token in it
 2021-03-26 14:39:37 +02:00