0c0a216f42
store last check timestamp in token instead of session
2016-06-17 15:42:28 +02:00
c58d8159d7
Create session tokens for apache auth users
2016-05-31 17:07:49 +02:00
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
74277c25be
add button to invalidate browser sessions/device tokens
2016-05-23 09:11:12 +02:00
12431aa399
list user's auth tokens on the personal settings page
2016-05-23 09:11:12 +02:00
98b465a8b9
a single token provider suffices
2016-05-18 09:20:48 +02:00
46bdf6ea2b
fix PHPDoc and other minor issues
2016-05-11 13:36:46 +02:00
f0f8bdd495
PHPDoc and other minor fixes
2016-05-11 13:36:46 +02:00
fdc2cd7554
Add token auth for OCS APIs
2016-05-11 13:36:46 +02:00
8d48502187
Add index on 'last_activity'
...
add token type column and delete only temporary tokens in the background job
debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
2fa5e0a24e
invalidate (delete) session token on logout
...
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Christoph Wurst
Lukas Reschke