Require multiple auth factors to establish web sessions
50376aad04d2
Actions

Authored by epriestley <git@epriestley.com> on May 1 2014, 19:23.

Description

Require multiple auth factors to establish web sessions

Summary:
Ref T4398. This prompts users for multi-factor auth on login.

Roughly, this introduces the idea of "partial" sessions, which we haven't finished constructing yet. In practice, this means the session has made it through primary auth but not through multi-factor auth. Add a workflow for bringing a partial session up to a full one.

Test Plan:

Used Conduit.
Logged in as multi-factor user.
Logged in as no-factor user.
Tried to do non-login-things with a partial session.
Reviewed account activity logs.

{F149295}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8922

Details

Committed

epriestley <git@epriestley.com>

May 1 2014, 19:23

Pushed

aubort

Jan 31 2017, 17:16

Parents

rPH1e6b2f26e92d: Change spacing, layout of ObjectItem states

Branches

Unknown

Tags

Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPH50376aad04d2: Require multiple auth factors to establish web sessions (authored by epriestley <git@epriestley.com>).May 1 2014, 19:23

Changes (15)

				Path
	P			resources/sql/autopatches/20140430.auth.1.partial.sql Copied from resources/sql/autopatches/20140423.session.1.hisec.sql
	M			src/__phutil_library_map__.php
	M			src/aphront/console/DarkConsoleController.php
	M			src/aphront/console/DarkConsoleDataController.php
	M			src/applications/auth/application/PhabricatorApplicationAuth.php
	M			src/applications/auth/controller/PhabricatorAuthController.php
	A			src/applications/auth/controller/PhabricatorAuthFinishController.php
	M			src/applications/auth/controller/PhabricatorAuthValidateController.php
	M			src/applications/auth/controller/PhabricatorLogoutController.php
	M			src/applications/auth/engine/PhabricatorAuthSessionEngine.php
	M			src/applications/auth/storage/PhabricatorAuthSession.php
	M			src/applications/base/controller/PhabricatorController.php
	M			src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
	M			src/applications/people/storage/PhabricatorUserLog.php
	M			src/infrastructure/celerity/CelerityResourceController.php

Require multiple auth factors to establish web sessions50376aad04d2Actions

Description

Details

Event Timeline

Changes (15)

rPH50376aad04d2

resources/sql/autopatches/20140430.auth.1.partial.sql

src/__phutil_library_map__.php

src/aphront/console/DarkConsoleController.php

src/aphront/console/DarkConsoleDataController.php

src/applications/auth/application/PhabricatorApplicationAuth.php

src/applications/auth/controller/PhabricatorAuthController.php

src/applications/auth/controller/PhabricatorAuthFinishController.php

src/applications/auth/controller/PhabricatorAuthValidateController.php

src/applications/auth/controller/PhabricatorLogoutController.php

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

src/applications/auth/storage/PhabricatorAuthSession.php

src/applications/base/controller/PhabricatorController.php

src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php

src/applications/people/storage/PhabricatorUserLog.php

src/infrastructure/celerity/CelerityResourceController.php

Require multiple auth factors to establish web sessions
50376aad04d2
Actions