mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-12 23:44:27 +02:00
Code Issues Releases Wiki Activity
3,811 Commits 91 Branches 55 Tags
d1dfa758e47a15574c2893b3c8a9d9946effaeed
Commit Graph

4 Commits

Author SHA1 Message Date
Franz Liedke
d492579638 Apply fixes from StyleCI 
[ci skip] [skip ci]
 2019-11-28 00:16:50 +00:00
Franz Liedke
3417f5a77e Make existing extensions compatible with new stack 2019-08-10 00:26:22 +02:00
Toby Zerner
1031826a3d Apply fixes from StyleCI 
[ci skip] [skip ci]
 2016-11-29 05:03:53 +00:00
Toby Zerner
9896378b59 Overhaul sessions, tokens, and authentication 
- Use cookies + CSRF token for API authentication in the default client. This mitigates potential XSS attacks by making the token unavailable to JavaScript. The Authorization header is still supported, but not used by default.
- Make sensitive/destructive actions (editing a user, permanently deleting anything, visiting the admin CP) require the user to re-enter their password if they haven't entered it in the last 30 minutes.
- Refactor and clean up the authentication middleware.
- Add an `onhide` hook to the Modal component. (+1 squashed commit)
 2015-12-03 15:11:57 +10:30