Commit Graph

16 Commits

Author SHA1 Message Date
Mike Dalessio 2d327e6294 Render a helpful menu of tenants temporarily 2025-10-02 16:33:25 -04:00
Jorge Manrubia 2e4138b585 Tie etag to sessions
So that we don't get CSRF token issues if sharing sessions in the same browser
2025-09-15 16:31:01 +02:00
Mike Dalessio 5540b0fd1b Make sure session cookie has the correct path for the tenant
ref: https://fizzy.37signals.com/5986089/collections/7/cards/1234
2025-08-10 18:53:52 -04:00
Mike Dalessio 57269b1b9c Allow local authentication with LOCAL_AUTHENTICATION=1
You can touch `tmp/local-auth.txt` to persist this setting.
2025-08-06 17:05:35 -04:00
Mike Dalessio 8e13ce5b78 Drop Current.account and just use Account.sole
I had reintroduced this in dacb53b8 after David removed it in
6bbf68a4, but now I agree we don't need it.

Also, fix a CORS error when trying to redirect a user to an untenanted
path after login (see
https://fizzy.37signals.com/5986089/collections/2/cards/1032).
2025-07-20 13:00:09 -04:00
Mike Dalessio 0c341d14e1 Untenanted access in authenticated controllers should request auth 2025-07-03 10:05:55 -04:00
Mike Dalessio da69bd1689 Remove local authentication code 2025-07-02 11:59:21 -04:00
Mike Dalessio d0dcb6dfa8 Redirect unauthenticated users to Launchpad 2025-06-20 17:14:58 -04:00
Mike Dalessio ee60e8dd01 Signup::AccountsController suppports signing up with a new identity 2025-06-20 15:16:57 -04:00
Mike Dalessio dacb53b8b1 Launchpad login works for existing 37id identities 2025-06-20 15:16:56 -04:00
Mike Dalessio 7dee9ed9d6 Log the authenticated user
to help track down issues reported by individuals in the logs
2025-05-07 17:13:25 -04:00
David Heinemeier Hansson dbf61f4fc3 Use _path in all cases where we are not potentially changing the domain 2025-04-13 08:17:36 +02:00
Jeffrey Hardy e6bb6ad76b Join links for user registration 2024-09-24 14:30:22 -04:00
Jeffrey Hardy 696b155f55 Use find_signed directly
There's no penalty to calling with a nil value. That's why both find_signed
and find_signed! exist. Use the latter when you expect a result.
2024-09-04 13:44:23 -04:00
Jeffrey Hardy e3983d5bbe Use Rails' new sessions generator to replace the existing setup
Ref: https://github.com/rails/rails/pull/52328
2024-08-20 14:17:05 -04:00
Kevin McConnell c4fb1bdc76 Add minimal authentication flow to get started 2024-06-21 16:45:29 +01:00