Commit Graph

11 Commits

Author SHA1 Message Date
Lukas Reschke 737591f239 Merge pull request #858 from nextcloud/stable10-when-logged-in-then-just-redirect-to-redirected-page
[stable10] when logged in then just redirect to redirected page
2016-08-16 18:13:24 +02:00
Lukas Reschke 5e9c7d3ff3
Use generated URL 2016-08-15 19:26:24 +02:00
Lukas Reschke ab9a8ce952
Fix tests for LoginController 2016-08-15 17:52:54 +02:00
Lukas Reschke 9ac6b83687 Use createMock instead of deprecated getMock 2016-08-13 21:04:16 +02:00
Lukas Reschke be1e64486f Redirect users when already logged-in on login form 2016-08-13 21:04:10 +02:00
Lukas Reschke c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Thomas Müller 232d735893
Do not leak the login name - fixes #25047 2016-06-09 16:44:31 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Christoph Wurst dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Joas Schilling 392bc0c6b9
Move tests/core/ to PSR-4 2016-05-19 11:18:25 +02:00