Christoph Wurst
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst
2fa5e0a24e
invalidate (delete) session token on logout
...
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Roeland Jago Douma
f6ee738ba8
Add \OC\User\Backend
...
Since some apps (ldap et al) still depend on OC_User_Backend this seemed
like the cleanest approach.
2016-05-10 19:53:36 +02:00
Roeland Jago Douma
9e1d9871a8
Move OC_User_Database to \OC\User\Database
2016-05-10 19:53:36 +02:00
Roeland Jago Douma
9504500e5f
Move \OC\User to PSR-4
2016-05-10 19:53:36 +02:00