Gusted 06556abb6d fix: delay deleting authorization token (#6937) ... - 1ce33aa38d extended the LTA table with a purpose column so it could be extended to other tokens. However some are single-use tokens and should be deleted after use. - This did not result in a good UX for activating user as they needed to also fill in their passwords and in the case that the password was incorrect the token would no longer be usable. - This patch modifies the code to allow for a little delay before deleting authorization tokens to do additional verification such as the password check. This cannot be done before the authorization token check as that the authorization token determines who the user is. - Resolves forgejo/forgejo#6912 - Adjusted existing unit test. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6937 Reviewed-by: Otto <otto@codeberg.org> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>		2025-02-17 11:09:33 +00:00
..
fixtures	Implement remote user login source and promotion to regular user	2024-04-25 13:03:49 +02:00
avatar.go	feat: do not regenerate an existing random avatar	2025-02-02 12:01:58 +01:00
avatar_test.go	feat: do not regenerate an existing random avatar	2025-02-02 12:01:58 +01:00
badge.go	Remove most path-based golangci exclusions (#24214)	2023-04-19 22:08:01 -04:00
block.go	[MODERATION] User blocking	2024-02-05 15:56:45 +01:00
block_test.go	Add testifylint to lint checks (#4535)	2024-07-30 19:41:10 +00:00
email_address.go	fix: Allow Organisations to remove the Email Address (#5517)	2024-11-20 12:31:34 +00:00
email_address_test.go	fix: Allow Organisations to remove the Email Address (#5517)	2024-11-20 12:31:34 +00:00
error.go	chore: remove deadcode in models/user	2025-01-29 18:37:14 +01:00
external_login_user.go	fix: Revert "allow synchronizing user status from OAuth2 login providers (#31572)"	2024-12-12 05:59:06 +01:00
federated_user.go	initial	2024-05-16 08:15:43 +02:00
federated_user_test.go	initial	2024-05-16 08:15:43 +02:00
follow.go	[MODERATION] User blocking	2024-02-05 15:56:45 +01:00
follow_test.go	Add testifylint to lint checks (#4535)	2024-07-30 19:41:10 +00:00
list.go	Reduce usage of db.DefaultContext (#27073)	2023-09-14 17:09:32 +00:00
main_test.go	make writing main test easier (#27270)	2023-09-28 01:38:53 +00:00
must_change_password.go	Add command to bulk set must-change-password (#22823)	2023-02-14 16:12:19 -06:00
openid.go	More refactoring of db.DefaultContext (#27083)	2023-09-15 06:13:19 +00:00
openid_test.go	Add testifylint to lint checks (#4535)	2024-07-30 19:41:10 +00:00
redirect.go	feat: add configurable cooldown to claim usernames (#6422)	2025-01-24 04:16:56 +00:00
redirect_test.go	Add testifylint to lint checks (#4535)	2024-07-30 19:41:10 +00:00
search.go	fix: check for webauthn in 2fa user search (#6726)	2025-01-29 18:55:14 +00:00
setting.go	More refactoring of db.DefaultContext (#27083)	2023-09-15 06:13:19 +00:00
setting_keys.go	Add codespell support and fix a good number of typos with its help (#3270)	2024-05-09 13:49:37 +00:00
setting_test.go	Add testifylint to lint checks (#4535)	2024-07-30 19:41:10 +00:00
user.go	fix: delay deleting authorization token (#6937)	2025-02-17 11:09:33 +00:00
user_repository.go	initial	2024-05-16 08:15:43 +02:00
user_system.go	fix(commenter roles): don't give system users roles (#6766)	2025-02-05 17:34:45 +00:00
user_test.go	fix: delay deleting authorization token (#6937)	2025-02-17 11:09:33 +00:00
user_update.go	Implement FSFE REUSE for golang files (#21840)	2022-11-27 18:20:29 +00:00