nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Daniel Calviño Sánchez	4fcadd630b	fix: Throw specific LoginException when the user is disabled Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	6 months ago
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	6 months ago
Samuel Bizien Filippi	a14cade3ac	feat(core): add cookie_domain config option Signed-off-by: Samuel Bizien Filippi <samuel.bizien-filippi@finances.gouv.fr>	6 months ago
Christoph Wurst	5003467f98	fix(session): Only mark sessions of permanent tokens as app passwords Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 months ago
Cleopatra Enjeck M.	32e46a8b3a	fix: use mb_strtolower to convert login name Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	10 months ago
Cleopatra Enjeck M.	a6d6a1fa9e	fix: Improve string comparison Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	10 months ago
Cleopatra Enjeck M.	6690a28cc0	fix: Use case insensitive check when validating login name Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	10 months ago
dependabot[bot]	bb598c8451	chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/nextcloud/coding-standard/releases) - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: nextcloud/coding-standard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
Fabian Dreßler	1d6cce8a25	fix: update last_login timestamp for token based-logins fixes #31075 and maybe #32953 Signed-off-by: Fabian Dreßler <nudelsalat@clouz.de>	1 year ago
Arthur Schiwon	6a783d9b08	fix(Session): avoid race conditions on clustered setups - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	1 year ago
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2 years ago
Christoph Wurst	bcc02a3c71	fix(auth): Update authtoken activity selectively Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Christoph Wurst	21ee7f59bd	fix(session): Do not update authtoken last_check for passwordless Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Julius Härtl	e330efe5a0	fix: Implement option to temporarily set the user session Signed-off-by: Julius Härtl <jus@bitgrid.net>	2 years ago
Andrew Summers	0047789580	Refactor `OC\Server::getTwoFactorAuthManager` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2 years ago
Vincent Petry	839ddaa354	feat: rename users to account or person Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2 years ago
Côme Chilliet	b2e9e0fa0d	chore: Replace OC::$server->getL10N by OCP\Util::getL10N in lib and some apps Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Christoph Wurst	7f2fdd8843	fix(auth): Fix logging in with email, password and login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Git'Fellow	72e0618f20	fix(session): Avoid two useless authtoken DB queries for every anonymous request Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at> Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Julius Härtl	a3a343ce41	perf: Use more performant way to obtain and check the email as a login name with token login Signed-off-by: Julius Härtl <jus@bitgrid.net>	2 years ago
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2 years ago
Patrick Fischer	b2103556b5	Lower log level about invalid session token	2 years ago
Christoph Wurst	4f183bb604	fix(session): Log why session renewal failed Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Christoph Wurst	f398d0b5a3	fix: Log critical session renewal and logout paths Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Christoph Wurst	83a30dfbdf	fix(user): Log affected user of app token login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2 years ago
Andrew Summers	1470a7294b	Refactor `OC\Server::getCsrfTokenManager` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2 years ago
Joas Schilling	25309bcb45	techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
Joas Schilling	3962cd0aa8	fix!: Move getEventDispatcher usage to IEventDispatcher Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
Faraz Samapoor	e7cc7653b8	Refactors "strpos" calls in lib/private to improve code readability. Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>	3 years ago
Joas Schilling	b91957e3df	fix(dav): Abort requests with 429 instead of waiting Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	3 years ago
Daniel Kesselberg	f751d2d891	chore: use local variable for remote address Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	3 years ago
Roeland Jago Douma	77df92cabf	feat: add event for failed logins Apps might also like to know about failed logins. This adds that event. The private interface changes are backwards compatible so all should be fine. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	3 years ago
Julius Härtl	de3099b4d6	Remove potential mismatching dav session data during login Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Côme Chilliet	c79a6b3f62	Fix errors from PHP 8.2 testing Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	3 years ago
Christoph Wurst	e2d3409a34	Fix unsuccessful token login logged as error The condition of a non-existent login token can happen for concurrent requests. Admins can not do anything about this. So this is to be expected to happen occasionally. This event is only bad if none of the requests is able to re-acquire a session. Luckily this happens rarely. If a login loop persists an admin can still lower the log level to find this info. But a default error log level will no longer write those infos about the failed cookie login of one request. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Robin Appelman	1fbb951691	dont try email login if the provider username is not a valid email Signed-off-by: Robin Appelman <robin@icewind.nl>	3 years ago
Christoph Wurst	0184fbe86b	Log if cookie login failed with token mismatch or session unavailability Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Carl Schwan	9ec0cb0a90	Fix psalm issues related to the user backend - Reflect the actual return value returned by the implementation in the the interface. E.g. IUser\|bool -> IUser\|false - Remove $hasLoggedIn parameter from private countUser implementation. Replace the two call with the equivalent countSeenUser - getBackend is nuallable, add this to the interface - Use backend interface to make psalm happy about call to undefined methods. Also helps with getting rid at some point of the old implementActions Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Côme Chilliet	6be7aa112f	Migrate from ILogger to LoggerInterface in lib/private Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	4 years ago
Joas Schilling	86de1d569f	Only setupFS when we have to copy the skeleton Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Marek-Wojtowicz	f76a915096	Update Session.php The http headers according to rfc 2616 is iso-8859-1. This patch fixes the behavior when non-ascii characters are present in the header. Signed-off-by: Marek Wójtowicz <Marek.Wojtowicz@agh.edu.pl>	4 years ago
Joas Schilling	c0ba89ecc9	Remove default token which is deprecated since Nextcloud 13 Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Joas Schilling	ccfaddf781	Fix missing token update Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Christoph Wurst	a143337791	Emit an error log when the app token login name does not match Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4 years ago
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	5 years ago
Joas Schilling	521bb30541	Throw "401 Unauthenticated" when authentication is provided but invalid E.g. with an AppToken that has been revoked Signed-off-by: Joas Schilling <coding@schilljs.com>	5 years ago
Lionel Elie Mamane	f99f463834	token login: emit preLogin event with LoginName to bring it in line with normal (non-token) login. Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>	5 years ago

1 2 3 4

172 Commits (master)