FreshRSS (Customized)/app/Controllers/authController.php, branch 1.27.0 Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.27.0 2025-07-31T11:53:14+00:00 Implement sudo mode / reauthentication (#7753) 2025-07-31T11:53:14+00:00 Inverle inverle@proton.me 2025-07-31T11:53:14+00:00 urn:sha1:3ce64d271b2b470bd6c9f7294946347dcdfed9b9 * Implement sudo mode / reauthentication * i18n: fr * generate flags * Improvements * Remove HMAC check * Don't require reauth to access logs when signed in as admin * Notify user of bad login via notification instead --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Regenerate cookie ID after logging out (#7762) 2025-07-29T12:44:14+00:00 Inverle inverle@proton.me 2025-07-29T12:44:14+00:00 urn:sha1:e967b07589f687fcd2f71e2df265fcb7c4f15c07 To make the session cookie no longer usable if hijacked and put in another browser after user logs out Use HTTP POST for logout (#7489) 2025-04-05T21:15:37+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-04-05T21:15:37+00:00 urn:sha1:d858053a7c70b3fee0fe407420ff8bd1466d5de2 * Use HTTP POST for logout To avoid potential CSRF risks * Fixed button font issue * Minor whitespace Update bcrypt.js from 2.4.4 to 3.0.2 (#7449) 2025-03-25T09:19:51+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-03-25T09:19:51+00:00 urn:sha1:d0b961131939800a119801bfce7411ad2e429e9e https://github.com/dcodeIO/bcrypt.js/releases/tag/v3.0.0 Can be updated to the latest version with: `curl -L https://unpkg.com/bcryptjs/umd/index.js > p/scripts/vendor/bcrypt.js` fix: Update the user's last activity on login action (#7406) 2025-03-05T21:36:41+00:00 berumuron dev@marienfressinaud.fr 2025-03-05T21:36:41+00:00 urn:sha1:40cdeb86874296b090dfb48ce4d0d6c41455405b Reduce undeeded use of elvis operator ?: (#7204) 2025-01-10T07:13:09+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-01-10T07:13:09+00:00 urn:sha1:5368f38753a3e655ed3d7d7dfc7af2cc22de7980 Upgrade code to php 8.1 (#6748) 2024-11-28T16:11:04+00:00 Luc SANCHEZ 4697568+ColonelMoutarde@users.noreply.github.com 2024-11-28T16:11:04+00:00 urn:sha1:15745d42b779ad14efde2932ab116f45eee39246 * revert Fix code indentation Fix code Upgrade code to php 8.1 * fix remarques * code review * code review * code review * Apply suggestions from code review * code review * Fixes * Many remainging updates of array syntax * Lost case 'reading-list' * Uneeded PHPDoc --------- Co-authored-by: Luc Sanchez <l.sanchez-prestataire@alptis.fr> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Rename param specialchars to plaintext (#6809) 2024-09-15T10:00:46+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-09-15T10:00:46+00:00 urn:sha1:469a42d9c3dedaf2817ba6ffec2f0945f83e63c0 https://github.com/FreshRSS/FreshRSS/pull/6800#discussion_r1756435762 Fix unsafe login (#6797) 2024-09-11T19:45:40+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-09-11T19:45:40+00:00 urn:sha1:d1f1e42c2b180f34276d7ddd1a2bfeaf4e59ed05 fix https://github.com/FreshRSS/FreshRSS/issues/6796 Minor update whitespace PHPCS rules (#6666) 2024-08-01T18:31:40+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-08-01T18:31:40+00:00 urn:sha1:d2247221bbf23a8fe19f66ea4ad7d0a59ffaa5b4 * Minor update whitespace PHPCS rules To simplify our configuration, apply more rules, and be clearer about what is added or removed compared with PSR12. Does not change our current conventions, but just a bit more consistent. * Forgotten *.phtml * Sort exclusion patterns + add a few for Extensions repo * Relaxed some rules