Commit Graph

46 Commits

Author SHA1 Message Date
Bjoern Schiessle 5bf050b13b moved performance improvement from isLoggedIn() to userExists() to avoid webdav problems 2012-07-05 15:55:46 +02:00
Bart Visscher 4b6f6291c5 Remember result of OC_User::isLoggedIn, can be very expensive to check 2012-06-19 17:54:19 +02:00
Bart Visscher 4a5973662c Merge branch 'unstable'
Conflicts:
	apps/files_external/tests/config.php
	apps/files_versions/ajax/getVersions.php
	apps/files_versions/appinfo/app.php
	apps/files_versions/history.php
	apps/files_versions/js/versions.js
	apps/files_versions/templates/history.php
	apps/files_versions/versions.php
	lib/base.php
2012-06-04 23:02:05 +02:00
Arthur Schiwon dfc90021ca load authentication apps before checking wether user exists. fixes oc-910 2012-06-04 21:40:32 +02:00
Michael Gapczynski 993ebc4c90 Verify user exists when checking if logged in, fix for bug oc-863 2012-06-02 20:06:52 -04:00
Sam Tuke 7203f6951e Extended class comment 2012-06-01 16:34:09 +01:00
Frank Karlitschek ad6562d14f sort users and groups. fixes oc-779 2012-06-01 14:18:14 +02:00
Frank Karlitschek a945fa10a6 update copyright 2012-05-26 19:14:24 +02:00
Robin Appelman 5fe7200a7f update documentation of oc_user::checkpassword 2012-05-17 00:57:43 +02:00
Robin Appelman 1a2ab2ef68 prevent user creation with empty password 2012-05-13 20:53:56 +02:00
Bart Visscher ac2e0cd6e4 Implement default functions in OC_User backend
Simplifies calling these functions, and makes code simpler

functions:
deleteUser
getUsers
userExists
2012-05-10 09:14:26 +02:00
Michael Gapczynski e0db22cc07 Provide feedback when user creation fails 2012-05-06 18:04:48 -04:00
Frank Karlitschek e2fb094693 some more porting 2012-05-01 21:07:08 +02:00
Arthur Schiwon d3ce2cacd6 OC_User: handle success properly 2012-05-01 14:40:56 +02:00
Arthur Schiwon 8a69116e94 OC_User: don't say password changed when it is not true 2012-05-01 13:40:01 +02:00
Frank Karlitschek f0701f75a9 tiny typo 2012-04-30 13:08:08 +02:00
Florian Preinstorfer b86f2069ff Fix a session fixation vulnerability
- regenerate the session for every successful login
- properly destroy a session

Further information can be found on:
https://en.wikipedia.org/wiki/session_fixation
2012-04-12 19:15:38 +02:00
Robin Appelman ea8f71a19c Merge branch 'master' into encryption 2012-02-25 16:36:58 +01:00
Robin Appelman e039015ca1 prevent errors when a user backends gives an invalid result 2012-02-24 23:54:38 +01:00
Robin Appelman b3a974d8bb only trigger hooks for the default filesystem view 2012-02-21 20:48:48 +01:00
Robin Appelman f1cbb9effc initial integration of encryption 2012-02-21 20:48:48 +01:00
Michael Gapczynski b6d66c4727 Remove the keys in preferences when a user is deleted - Thanks rogerc 2012-01-04 15:19:16 -05:00
Georg Ehrke 534b6f3a09 Fix whitespace username 2012-01-02 11:49:53 +01:00
Florian Pritz c7d4e72341 set cookie secure if forcessl is enabled
This also moves session_start in lib/base.php down a bit because we need
OC::$SERVERROOT to get the config settings.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-24 18:42:00 +02:00
Bartek Przybylski 94696ea7de remember changed not to store password in cookie 2011-09-18 15:05:53 +02:00
Bartek Przybylski 68e7666293 Changed behaviour of remember checkbox 2011-09-18 09:15:30 +02:00
Robin Appelman ee0954b236 fix issue with login being case insensitve 2011-08-25 21:51:13 +02:00
Frank Karlitschek aa582ec43a more work on encryption 2011-08-11 17:49:36 +02:00
Robin Appelman 1f1498ceca remove Log completely 2011-08-10 14:03:54 +02:00
Jakob Sack bafd684eb6 Renaming classes :-) 2011-07-29 21:36:03 +02:00
Jakob Sack e69079f935 Further improvements 2011-07-27 20:04:42 +02:00
Jakob Sack f5c0dbd947 Use autoload 2011-07-27 19:07:28 +02:00
Bartek Przybylski c5776fdae4 remember login added 2011-07-20 15:04:14 +02:00
Robin Appelman 8b76590f5d fix creating users 2011-06-23 18:23:47 +02:00
Dominik Schmidt 3b2fcd356f Use new user backend API 2011-06-23 15:24:09 +02:00
Robin Appelman 83958ebd4b add oc_user::getUser to get the user id of the loggedin user 2011-06-22 12:50:57 +02:00
Robin Appelman ee0f1490e1 Multiply changes to user system
keeping tracked of the logged in user is no longer done by the active backend but by oc_user directly instead

multiply backends can be active at the same time, allowing alternative authentication procedures like openid or tokens to be used next to the regular user system
2011-06-21 19:28:46 +02:00
Jakob Sack da30671ec4 More error checking in user management 2011-04-18 12:39:28 +02:00
Jakob Sack f22c05deab Check for existance of group- and usernames, don't mix OC_USER and OC_GROUP! 2011-04-18 11:48:52 +02:00
Jakob Sack b37fb9142f Added tons of Hooks to OC_USER and OC_GROUP 2011-04-18 11:39:29 +02:00
Jakob Sack 1fe5f5a2df Better documentation for OC_USER 2011-04-18 10:41:01 +02:00
Jakob Sack c4287162c4 Some work on the fancy user management 2011-04-17 01:04:23 +02:00
Jakob Sack 8465f76e7e Use OC_CONFIG where possible 2011-04-16 12:18:42 +02:00
Robin Appelman 232654cb60 get rid of the oc_require and friends 2011-04-16 10:12:53 +02:00
Jakob Sack 149793f2e7 First version of the new user management 2011-04-15 17:14:02 +02:00
Jakob Sack 132695ceb1 Start of the refactoring. Commit is quite big because I forgot to use git right from the beginning. Sorry. 2011-03-01 23:20:16 +01:00