Differential D8922

Require multiple auth factors to establish web sessions
ClosedPublic
Actions

Authored by epriestley on May 1 2014, 2:30 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Thu, Nov 21, 10:42 AM

	Unknown Object (File)
	Sun, Nov 17, 5:22 AM

	Unknown Object (File)
	Oct 10 2024, 11:38 PM

	Unknown Object (File)
	Oct 7 2024, 1:11 AM

	Unknown Object (File)
	Sep 21 2024, 8:13 AM

	Unknown Object (File)
	Sep 12 2024, 9:26 AM

	Unknown Object (File)
	Sep 12 2024, 9:26 AM

	Unknown Object (File)
	Sep 6 2024, 11:08 AM

Subscribers

Details

Reviewers

Maniphest Tasks

T4398: Implement two-factor authentication

Commits

Restricted Diffusion Commit
rP50376aad04d2: Require multiple auth factors to establish web sessions

Summary

Ref T4398. This prompts users for multi-factor auth on login.

Roughly, this introduces the idea of "partial" sessions, which we haven't finished constructing yet. In practice, this means the session has made it through primary auth but not through multi-factor auth. Add a workflow for bringing a partial session up to a full one.

Test Plan

Used Conduit.
Logged in as multi-factor user.
Logged in as no-factor user.
Tried to do non-login-things with a partial session.
Reviewed account activity logs.

Screen_Shot_2014-04-30_at_7.30.26_PM.png (674×1 px, 98 KB)

Diff Detail

Repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

epriestley updated this revision to Diff 21172.May 1 2014, 2:30 AM

epriestley retitled this revision from to Require multiple auth factors to establish web sessions.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: btrahan.

epriestley added a task: T4398: Implement two-factor authentication.

Herald added a subscriber: epriestley. · View Herald TranscriptMay 1 2014, 2:30 AM

Harbormaster completed remote builds in B157: Diff 21172.May 1 2014, 2:31 AM

btrahan accepted this revision.May 1 2014, 5:11 PM

btrahan edited edge metadata.

This revision is now accepted and ready to land.May 1 2014, 5:11 PM

Closed by commit rP50376aad04d2 (authored by @epriestley).

Revision Contents
Changeset List

Path

Size

resources/

sql/

autopatches/

20140430.auth.1.partial.sql

2 lines

src/

__phutil_library_map__.php

2 lines

aphront/

console/

DarkConsoleController.php

4 lines

DarkConsoleDataController.php

4 lines

applications/

auth/

application/

PhabricatorApplicationAuth.php

1 line

controller/

PhabricatorAuthController.php

2 lines

PhabricatorAuthFinishController.php

71 lines

PhabricatorAuthValidateController.php

14 lines

PhabricatorLogoutController.php

4 lines

engine/

PhabricatorAuthSessionEngine.php

71 lines

storage/

PhabricatorAuthSession.php

1 line

base/

controller/

PhabricatorController.php

23 lines

conduit/

method/

ConduitAPI_conduit_connect_Method.php

8 lines

people/

storage/

PhabricatorUserLog.php

6 lines

infrastructure/

celerity/

CelerityResourceController.php

4 lines

Diff 21189

resources/sql/autopatches/20140430.auth.1.partial.sql

Loading...

src/__phutil_library_map__.php

Loading...

src/aphront/console/DarkConsoleController.php

Loading...

src/aphront/console/DarkConsoleDataController.php

Loading...

src/applications/auth/application/PhabricatorApplicationAuth.php

Loading...

src/applications/auth/controller/PhabricatorAuthController.php

Loading...

src/applications/auth/controller/PhabricatorAuthFinishController.php

Loading...

src/applications/auth/controller/PhabricatorAuthValidateController.php

Loading...

src/applications/auth/controller/PhabricatorLogoutController.php

Loading...

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Loading...

src/applications/auth/storage/PhabricatorAuthSession.php

Loading...

src/applications/base/controller/PhabricatorController.php

Loading...

src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php

Loading...

src/applications/people/storage/PhabricatorUserLog.php

Loading...

src/infrastructure/celerity/CelerityResourceController.php

Loading...