With a time treshold of 4 seconds
and a firstname and lastname honeypot
input fields when signing up

Don't redirect to the Almost there page after registration
and after resending confirmation instructions

Closes #55564
This is first discovered in #54739 (comment 122609857) that if both if: and only:
are used in a before_action or after_action or alike, if: is completely ignored.

Ash McKenzie authored 5 years ago and Thong Kuah committed 5 years ago

RecaptchaExperimentHelper contains helper methods
to assist in the controller and view layers.

Allows instance owners to toggle the recaptcha requirement
on the user registration page by feature flag.
Allows GitLab Growth team to measure
reCAPTCHA's impact on registrations.

- Externalize strings in controllers
- Update PO file

Enables frozen string for the following:

* app/controllers/*.rb
* app/controllers/admin/**/*.rb
* app/controllers/boards/**/*.rb
* app/controllers/ci/**/*.rb
* app/controllers/concerns/**/*.rb

Partially addresses #47424.

When a user checks the `accept` checkbox, we will track that
acceptance as usual. That way they don't need to accept again after
they complete the registration.

When an unauthenticated user visits the `/-/users/terms` page, there
is no button to accept, decline or continue. The 'current-user menu'
is also hidden from the top bar.

This ensures that we have more visibility in the number of SQL queries
that are executed in web requests. The current threshold is hardcoded to
100 as we will rarely (maybe once or twice) change it.

In production and development we use Sentry if enabled, in the test
environment we raise an error. This feature is also only enabled in
production/staging when running on GitLab.com as it's not very useful to
other users.

# This is the 1st commit message:
Add logging for all web authentication events

# This is the commit message #2:

Re-add underscore to after_inactive_sign_up_path_for

# This is the commit message #3:

Standardize on username=

# This is the commit message #4:

after_filter -> after_action, _resource -> resource

# This is the commit message #5:

Add two-factor login failures and account lockouts

# This is the commit message #6:

Move logging from two-factor concern to user model

# This is the commit message #7:

Add spaces around default parameter assignments

# This is the commit message #8:

Move logs out of user model

# This is the commit message #9:

Replace filtered_params with user_params

# This is the commit message #10:

Standardize case

# This is the commit message #1:

Fixes for username and AppLogger.info

Add a rubocop rule to check if a method 'redirect_to' is used without explicitly set 'status' in 'destroy' actions of controllers

* Changed name of delete_user_service and worker to destroy
* Move and change delete_group_service to Groups::DestroyService
* Rename Notes::DeleteService to Notes::DestroyService