Grav-Admin-Plugin

Nemcio/Grav-Admin-Plugin

Fork 0

mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-27 16:26:32 +01:00

Commit Graph

Author	SHA1	Message	Date
Matias Griese	c097eee87f	Fixed error reporting for AJAX tasks if user has no permissions	2021-04-15 10:11:04 +03:00
Matias Griese	aa4f80eec1	Greatly improve login related actions for Admin * Better isolate admin to prevent session related vulnerabilities * Removed support for custom login redirects for improved security * Shorten forgot password link lifetime from 7 days to 1 hour * Fixed login related pages being accessible from admin when user has logged in * Fixed admin user creation and password reset allowing unsafe passwords * Fixed missing validation when registering the first admin user * Fixed reset password email not to have session specific token in it	2021-03-26 14:39:37 +02:00

Author

SHA1

Message

Date

Matias Griese

c097eee87f

Fixed error reporting for AJAX tasks if user has no permissions

2021-04-15 10:11:04 +03:00

Matias Griese

aa4f80eec1

Greatly improve login related actions for Admin

* Better isolate admin to prevent session related vulnerabilities
* Removed support for custom login redirects for improved security
* Shorten forgot password link lifetime from 7 days to 1 hour
* Fixed login related pages being accessible from admin when user has logged in
* Fixed admin user creation and password reset allowing unsafe passwords
* Fixed missing validation when registering the first admin user
* Fixed reset password email not to have session specific token in it

2021-03-26 14:39:37 +02:00

2 Commits