Commit Graph

11 Commits

Author SHA1 Message Date
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Christoph Wurst da03a85c3c
block DAV if 2FA challenge needs to be solved first 2016-06-01 10:42:38 +02:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Lukas Reschke 9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Thomas Müller cca2ade199 Adding pre oc 9.0 CardDAV endpoint for migration of old clients 2016-02-08 10:52:30 +01:00
Joas Schilling 3bdcfef395 Remove the listener plugin 2016-01-13 10:33:08 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Lukas Reschke a3fc40921b Add fake locker plugin for WebDAVFS
WebDAVFS as used by Finder requires a Class 2 compatible WebDAV server. This change introduces a fake locking provider which will simply advertise Locking support when a request originates from WebDAVFS. It will also return successful LOCK and UNLOCK responses.
2015-11-13 23:31:08 +01:00
Lukas Reschke cddc9abc06 Add tests for Sabre Auth plugin + make getCurrentUser compatible 2015-10-23 17:30:47 +02:00
Roeland Jago Douma ca27024fa2 Fix webdav access
* Correct namespace
* Pass the EventDispatcher to the webDAV server
2015-10-16 13:17:12 +02:00
Thomas Müller f2889dc6e4 Consolidate webdav code - move all to one app 2015-10-16 13:17:12 +02:00