nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Martin	53b8330e6d	Defining App "cron" for "Invalidating tokens older than" message #27167 (#27201 ) Signed-off-by: Morris Jobke <hey@morrisjobke.de>	9 years ago
Christoph Wurst	21d3fe5883	do not hard-require the token provider The provider might need DB access and therefore depenedency resolution fails on the setup page where we cannot inject the db implementation. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	6f74ecd94a	use login hook credentials as fallback If no session token is available, we can use the credentials provided by the login hook. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	3316a9d294	fix @since annotations (9.1->12) Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	46adb3eced	replace session implementation if it changes at runtime Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	a6dca9e7a0	add login credential store Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	ed4017dfb4	fix minor issues Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	7ae9442f3d	Publish, parse and filter 2FA activities Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	2f36920ddf	fix undefined index error when the backup codes provider is not active In users have not created backup codes yet the app is not enabled for that user and therefore we got an undefined index error because the code assumed it was always there. It now properly returns null. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	2183a1f3e6	copy remember-me value when renewing a session token On renew, a session token is duplicated. For some reason we did not copy over the remember-me attribute value. Hence, the new token was deleted too early in the background job and remember-me did not work properly. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Robin Appelman	73dfe1835a	use lower loglevel for token cleanup messages Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Robin Appelman	e77432783b	Add test for setting up fake fs Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Roeland Jago Douma	e5bc80b31d	Adds TokenProvider and Mapper tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Robin Appelman	4c3d18a9fc	explicit types Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Robin Appelman	a4ea20a259	cast to int Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Robin Appelman	c5df58ec69	phpdoc Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Robin Appelman	7e9e5db496	fix setscope Signed-off-by: Robin Appelman <icewind@owncloud.com>	9 years ago
Robin Appelman	1afccde16a	allow configuring filesystem access Signed-off-by: Robin Appelman <icewind@owncloud.com>	9 years ago
Robin Appelman	b4e27d35f5	app password scope wip Signed-off-by: Robin Appelman <icewind@owncloud.com>	9 years ago
Robin Appelman	2389e0f250	read lockdown scope from token Signed-off-by: Robin Appelman <icewind@owncloud.com>	9 years ago
Christoph Wurst	4da6b20e76	document what the method does Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Lukas Reschke	9d6e01ef40	Add missing tests and fix PHPDoc Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	271f2a4cff	Fix typ in constant name Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	b269ed5a7b	Fix invalid PHPDocs Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Christoph Wurst	d907666232	bring back remember-me * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	8acb734854	add 2fa backup codes app * add backup codes app unit tests * add integration tests for the backup codes app	9 years ago
Christoph Wurst	6af2efb679	prevent infinite redirect loops if the there is no 2fa provider to pass This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.	10 years ago
Christoph Wurst	e90f00791d	add invalidateOldTokens to IProvider interface	10 years ago
Robin Appelman	681ac9f19f	Check if an app provide two-factor-auth providers before we try to use them	10 years ago
Joas Schilling	ba87db3fcc	Fix others	10 years ago
Christoph Wurst	b805908dca	update session token password on user password change	10 years ago
Christoph Wurst	b0f2878f6e	close cursor after loading a token	10 years ago
Christoph Wurst	0c0a216f42	store last check timestamp in token instead of session	10 years ago
Christoph Wurst	c4149c59c2	use token last_activity instead of session value	10 years ago
Christoph Wurst	82b50d126c	add PasswordLoginForbiddenException	10 years ago
Christoph Wurst	a40d64ff7f	load 2FA provider apps before querying classes	10 years ago
Christoph Wurst	5daa9a5417	fail hard if 2fa provider can not be loaded (#25061 )	10 years ago
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	10 years ago
Christoph Wurst	60e15e934c	do not generate device token if 2FA is enable for user	10 years ago
Christoph Wurst	8f7a4aaa4d	do not generate device token if 2FA is enable for user	10 years ago
Christoph Wurst	c58d8159d7	Create session tokens for apache auth users	10 years ago
Lukas Reschke	aba539703c	Update license headers	10 years ago
Christoph Wurst	ad10485cec	when generating browser/device token, save the login name for later password checks	10 years ago
Christoph Wurst	847bbc51b6	add OCC command to enable/disable 2FA for a user	10 years ago
Christoph Wurst	dfb4d426c2	Add two factor auth to core	10 years ago
Christoph Wurst	74277c25be	add button to invalidate browser sessions/device tokens	10 years ago
Christoph Wurst	6495534bcd	add button to add new device tokens	10 years ago
Christoph Wurst	12431aa399	list user's auth tokens on the personal settings page	10 years ago
Christoph Wurst	0626578739	add method to query all user auth tokens	10 years ago
Christoph Wurst	98b465a8b9	a single token provider suffices	10 years ago

1 2

62 Commits (d4a7cfec7ca61ba48fdb20134409ad2500e0e7a7)