Roeland Jago Douma
f2a3115157
Certain tokens can expire
...
However due to the nature of what we store in the token (encrypted
passwords etc). We can't just delete the tokens because that would make
the oauth refresh useless.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-23 17:02:15 +02:00
Joas Schilling
fad02fe00c
Add the column so we keep the value from before the update
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-18 14:45:26 +02:00
Georg Ehrke
80eb3064e2
we can't predict the size of propertyvalue. text -> clob
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-09 18:12:50 +02:00
Noveen Sachdeva
1b1f403a5d
Add duration of last job execution to the table
2017-04-25 17:39:58 +02:00
Bjoern Schiessle
0d5147bd49
add new password column to the share table in order to set passwords for share by mails
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
Björn Schießle
40b99734d3
introduce accounts table and keep it up-to-date with the data added to the personal settings
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:29:41 +01:00
Robin Appelman
2389e0f250
read lockdown scope from token
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
Christoph Wurst
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
Arthur Schiwon
83ba2f2e90
final db indexes
2016-08-16 13:21:59 +02:00
Arthur Schiwon
9d9c540544
fix duplicated db index name
2016-08-09 22:43:29 +02:00
Arthur Schiwon
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Robin Appelman
29eeeb2273
Save the files external mount id in the mount cache table
2016-07-13 16:34:08 +02:00
Christoph Wurst
0c0a216f42
store last check timestamp in token instead of session
2016-06-17 15:42:28 +02:00
Christoph Wurst
c58d8159d7
Create session tokens for apache auth users
2016-05-31 17:07:49 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
Vincent Petry
8646802850
Merge pull request #24696 from owncloud/lock-jobs-while-executing
...
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling
d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel
2016-05-21 01:59:25 +02:00
Vincent Petry
3cd65fe25d
Add systemtag_group table and get/set methods
...
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Christoph Wurst
c28e462583
Use CLOB for auth token names to allow long user agent strings
2016-05-12 11:19:17 +02:00
Christoph Wurst
aa85edd224
increase token column width
...
add some range to time() assertions
2016-05-11 13:36:46 +02:00
Christoph Wurst
8d48502187
Add index on 'last_activity'
...
add token type column and delete only temporary tokens in the background job
debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst
2fa5e0a24e
invalidate (delete) session token on logout
...
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Arthur Schiwon
b3ac81f134
exchange user_id_key for a unique one.
2016-02-26 01:02:22 +01:00
Arthur Schiwon
9250704ecb
add index definitions for comments tables
2016-02-24 21:48:12 +01:00
Joas Schilling
24c7f38a00
Make sure we can store strings as per the interface
2016-02-22 15:43:20 +01:00
Roeland Jago Douma
2035a179bc
Add store/retrieve checksums
...
* Add extra db column to filecache
* Bump version
* Update filecache code to actually handle checksum
* Webdav code to store/retrieve checksums
2016-02-03 09:03:51 +01:00
Arthur Schiwon
01cdc70f9c
introduce comments read marke tables, comes with user cleanup after deletion
2016-01-29 13:08:02 +01:00
Thomas Müller
9b4c9a0357
Merge pull request #18531 from owncloud/ext-user-credentials
...
External storage 'Login credentials' auth mechanism
2016-01-22 13:14:14 +01:00
Robin Appelman
cf6ee1c866
cache mountpoints in the db
2016-01-20 16:30:22 +01:00
Robin McCorkell
da4127d23b
Introduce CredentialsManager for storage of credentials in DB
...
CredentialsManager performs a simple role, of storing and retrieving
encrypted credentials from the database. Credentials are stored by user
ID (which may be null) and credentials identifier. Credentials
themselves may be of any type that can be JSON encoded.
The rationale behind this is to avoid further (mis)use of
oc_preferences, which was being used for all manner of data not related
to user preferences.
2016-01-18 11:10:41 +01:00
Roeland Jago Douma
6c77d1734e
[Share 2.0] Update db structure to stay backwards compatible
2016-01-06 14:53:43 +01:00
Thomas Müller
08248f66ba
Merge pull request #20650 from owncloud/systemtags-core
...
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Vincent Petry
b666367a79
Added system tags data structure and PHP side managers
...
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Roeland Jago Douma
5e8256beb8
[Sharing 2.0] Add a new db column for the file owner
...
We need to store the owner of a file in the db to do efficient queries
on the owner of a file. Without this we need to construct fill paths for
each file id in the table and see who the owner of a file is. Which does
not scale.
2015-11-25 13:17:02 +01:00
Arthur Schiwon
6bd343a3b7
DB scheme for Comments table, resolves #20265
2015-11-20 18:00:52 +01:00
Morris Jobke
6b6f19bb94
Drop unused table file_map
...
* used only for windows support
* windows support was dropped in 8.2.0 - see #17379
* was introduced in fd8cb9974b
* ref #18935
2015-11-05 08:21:53 +01:00
Robin McCorkell
5ca690e2f8
Use integer for availability instead of bool
2015-09-15 10:18:32 +02:00
Thomas Müller
534b2e407a
Merge pull request #17662 from owncloud/locking-db
...
Database backend for locking
2015-08-26 03:56:37 +02:00
Robin Appelman
132a564a21
rename path field to key
2015-08-03 15:46:19 +02:00
Robin Appelman
96a9d171b3
Fix db schema
2015-08-03 14:13:36 +02:00
Robin Appelman
4ea7cbb0f5
Add database backend for high level locking
2015-08-03 14:13:35 +02:00
Robin McCorkell
df19cabb44
Store storage availability in database
...
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.
Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
Morris Jobke
ff5bd9d918
Remove index on file_target of share table
...
* causes issues on InnoDB because it exceeds the maximal key length
of an index which is 767 (3-byte charset * varchar(512) = 1536)
* fixes #17619
2015-07-14 13:26:51 +02:00
Morris Jobke
4a37d565bd
Add indexes to speedup DB queries
...
* file_target is often used in the sharing code in JOIN statements for retrieval of shares
2015-07-08 18:04:10 +02:00
Thomas Müller
3ff484e695
we no longer support webdav locks - no need to keep the column
2015-03-12 15:23:44 +01:00
Robin Appelman
3cf237df67
set max argument length to 4000
2015-02-25 15:09:41 +01:00
Robin Appelman
6fc0eb0236
expand cron argument column to 2048
2015-02-25 15:08:40 +01:00