Bjoern Schiessle
|
927d3865a0
|
add brute force protection to password reset to make it harder to guess user logins
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
2017-01-19 10:12:45 +01:00 |
|
Bjoern Schiessle
|
fcda3a20f4
|
create new encryption keys on password reset and backup the old one
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
2017-01-10 17:04:32 +01:00 |
|
Bjoern Schiessle
|
16bbd3fd7c
|
fix password reset if encryption is enabled
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
2016-12-08 12:08:05 +01:00 |
Lukas Reschke
|
6d686c213b
|
[WIP] Use mail for encrypting the password reset token as well
|
2016-11-03 14:27:26 +01:00 |
Joas Schilling
|
877cb06bfe
|
Use magic DI for core controllers
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
2016-09-30 10:00:26 +02:00 |
Roeland Jago Douma
|
f6423f74e3
|
Minor cleanup in core Controllers
|
2016-08-29 21:52:09 +02:00 |
|
Joas Schilling
|
736e884e9a
|
Move the reset token to core app
|
2016-08-23 15:01:38 +02:00 |
|
Joas Schilling
|
ba87db3fcc
|
Fix others
|
2016-07-21 18:13:57 +02:00 |
|
Joas Schilling
|
2c988ecbf4
|
Use the themed Defaults everywhere
|
2016-07-15 09:17:30 +02:00 |
Lukas Reschke
|
aba539703c
|
Update license headers
|
2016-05-26 19:57:24 +02:00 |
Julius Haertl
|
8ee2cb47d0
|
Show error messages if a password reset link is invalid or expired
- Moved token validation to method checkPasswordResetToken
- Render error with message from exceptions
|
2016-05-23 16:48:10 +02:00 |
|
Lukas Reschke
|
a4b19a5b1e
|
Rename files to be PSR-4 compliant
|
2016-04-06 11:00:52 +02:00 |