AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e323ce875f1eeb5158996d6bd1f327324b51dd0a
Kanboard-Prod/app/Core/Security
History
irdc 4b76bc5b32 Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data 
* Use a HMAC to sign and validate CSRF tokens, instead of generating random
ones and storing them in the session data. Reduces number of writes to
sessions table and fixes kanboard issue #4942.
* Added missing CSRF check for starting/stopping subtask timers.

Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
2022-09-17 17:23:41 -07:00
..
AccessMap.php
PHPdoc cleanup
2016-03-04 21:11:12 -05:00
AuthenticationManager.php
Authorize only API tokens when 2FA is enabled
2019-02-01 15:40:35 -08:00
AuthenticationProviderInterface.php
Rewrite of the authentication and authorization system
2015-12-05 20:31:27 -05:00
Authorization.php
Rewrite of the authentication and authorization system
2015-12-05 20:31:27 -05:00
OAuthAuthenticationProviderInterface.php
PHPdoc cleanup
2016-03-04 21:11:12 -05:00
PasswordAuthenticationProviderInterface.php
PHPdoc cleanup
2016-03-04 21:11:12 -05:00
PostAuthenticationProviderInterface.php
Render QR code for TwoFactor authentication without Google Chart API
2017-03-09 21:24:04 -05:00
PreAuthenticationProviderInterface.php
PHPdoc cleanup
2016-03-04 21:11:12 -05:00
Role.php
Custom project roles inherit from project members
2016-09-08 20:44:03 -04:00
SessionCheckProviderInterface.php
Rewrite of the authentication and authorization system
2015-12-05 20:31:27 -05:00
Token.php
Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data
2022-09-17 17:23:41 -07:00