Lukas Reschke
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Roeland Jago Douma
e42f2f2650
AppFramework do not get default response
...
The OCSResponse differs from other responses in that it defaults to
XML. However we fell back to json by default.
This makes sure that if nothing is set we don't pass anything.
Which defaults then to the controllers default (which is often 'json')
but in the case of the OCSResponse 'xml'.
2016-07-20 22:05:43 +02:00
Lukas Reschke
020a2a6958
Merge pull request #476 from nextcloud/port-same-site-cookies
...
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
Roeland Jago Douma
ea47974a08
Add OCSMiddleware to catch OCS exceptions
...
* OCSException
* OCSBadRequestException
* OCSForbiddenException
* OCSNotFoundException
2016-07-20 20:03:49 +02:00
Lukas Reschke
a299fa38a9
[master] Port Same-Site Cookies to master
...
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
Roeland Douma
13a25535d2
Merge pull request #400 from nextcloud/ocs_appframework
...
OCS routes use AppFramework
2016-07-19 12:21:14 +02:00
Joas Schilling
b1d652e8b0
Copy the regexes to the public interface
2016-07-18 15:11:44 +02:00
Roeland Jago Douma
0bda09236e
Add route tests
2016-07-18 11:09:49 +02:00
Roeland Jago Douma
1ff4b7f63d
Allow registering of OCS routes with the appframework
2016-07-18 11:09:04 +02:00
Christoph Wurst
82b50d126c
add PasswordLoginForbiddenException
2016-06-17 11:02:07 +02:00
Christoph Wurst
331d88bcab
create session token on all APIs
2016-06-13 15:38:34 +02:00
Christoph Wurst
9997c431c3
use client login method on CORS routes
2016-06-08 15:18:53 +02:00
Christoph Wurst
5e71d23ded
remember redirect_url when solving the 2FA challenge
2016-06-01 14:43:47 +02:00
Lukas Reschke
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
Joas Schilling
aac990eddf
Add a background job that generates notifications when an update is available
2016-05-24 11:26:51 +02:00
Christoph Wurst
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
Joas Schilling
7e3ce83526
Add a method to lock a table
2016-05-21 01:59:03 +02:00
Christoph Wurst
13883d2d57
add IClientService to DI container
2016-05-01 15:08:56 +02:00
Roeland Jago Douma
eb11ed1851
Make ownCloud work again in php 7.0.6
...
See https://bugs.php.net/bug.php?id=72117
2016-04-28 12:23:17 +02:00
Joas Schilling
6d668807fb
Allow automatic dependency injection for OCP\Mail\Mailer
2016-04-25 16:02:57 +02:00
Roeland Jago Douma
4eebccd81f
Fix inconsistent nameing of AppFramework
2016-04-22 16:00:00 +02:00
Roeland Jago Douma
1d33a5ef13
Move \OC\AppFramework to PSR-4
...
* Also moved the autoloader setup a bit up since we need it in initpaths
2016-04-22 15:28:09 +02:00