Commit Graph

17 Commits

Author SHA1 Message Date
Christoph Wurst e077d78ec9 Show login error message correctly (#24599) 2016-05-12 16:53:50 +02:00
Lukas Reschke ee0ebd192a Use proper URL generation function (#24576)
Fixes the redirection after login, otherwise `core/files/index` is opened which fails.
2016-05-11 19:39:57 +02:00
Christoph Wurst 0486d750aa
use the UID for creating the session token, not the login name 2016-05-11 13:36:46 +02:00
Christoph Wurst 214aa6639c
fix login with email 2016-05-11 13:36:46 +02:00
Christoph Wurst 46bdf6ea2b
fix PHPDoc and other minor issues 2016-05-11 13:36:46 +02:00
Christoph Wurst 3ffa7d986a
show login error 2016-05-11 13:36:46 +02:00
Christoph Wurst aa85edd224
increase token column width
add some range to time() assertions
2016-05-11 13:36:46 +02:00
Christoph Wurst aafd660b97
fix LoginController unit tests 2016-05-11 13:36:46 +02:00
Christoph Wurst 7aa16e1559
fix setup 2016-05-11 13:36:46 +02:00
Christoph Wurst fdc2cd7554
Add token auth for OCS APIs 2016-05-11 13:36:46 +02:00
Christoph Wurst 3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Lukas Reschke 8222ad5157
Move logout to controller
Testable code. Yay.
2016-04-18 21:21:52 +02:00
Lukas Reschke d4a93893bb
Also check for an empty string
PHP. Yay.
2016-04-15 19:53:14 +02:00
Lukas Reschke fee95084ae
Rename `username` to `loginName`
UID and login name are two different things.
2016-04-15 19:02:19 +02:00
Lukas Reschke 8a650a51be
Use !== instead of empty
Users can be named null
2016-04-15 18:57:11 +02:00
Lukas Reschke 331e4efacb
Move login form into controller
First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.
2016-04-15 17:36:23 +02:00