* Update sabre/dav to 3.2.0
* Adjust code to work with sabre/dav 3.2.0 and it's dependencies
* Adding own CalDAV plugin to fix calendar home property
* Test if there is a user logged in when listing files home
* Update sabre version used by integration tests
* Disable unauthenticated DAV access
This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.
=====
* Fixed so cherry-pick was succesfull
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
Christoph Wurst
Roeland Jago Douma
Bjoern Schiessle
Morris Jobke
Joas Schilling
Thomas Müller
Lukas Reschke
Christoph Wurst
Lukas Reschke
Joas Schilling