5ca9a7d6bc
Loss of performance on Login after upgrade from NC10 + LDAP to NC 12 + LDAP #6732
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-11-27 09:22:44 +01:00
0eebff152a
Update license headers
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
38bb6e1477
Fix duplicate session token after remembered login
...
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
84b7022118
Improve 2FA
...
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
fc22a2cb07
Fix auth provider
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
a76d4ef04e
Fix clob comparison
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:15 +02:00
5f227bd93b
More phpstorm inspection fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 11:39:29 +02:00
4e42f059ed
Minor typos
...
Signed-off-by: Marcel Waldvogel <marcel.waldvogel@uni-konstanz.de>
2017-07-21 09:50:44 +02:00
7976927628
Merge pull request #4894 from nextcloud/generic-security-activities
...
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
0928b5f621
Change 2FA activities to more generic security activities
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
77827ebf11
Rename table back to lowercase
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
1eb7f4956b
delete auth token when client gets deleted
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
53b8330e6d
Defining App "cron" for "Invalidating tokens older than" message #27167 ( #27201 )
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 22:51:47 -06:00
21d3fe5883
do not hard-require the token provider
...
The provider might need DB access and therefore depenedency
resolution fails on the setup page where we cannot inject
the db implementation.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
6f74ecd94a
use login hook credentials as fallback
...
If no session token is available, we can use the credentials provided
by the login hook.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
3316a9d294
fix @since annotations (9.1->12)
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
46adb3eced
replace session implementation if it changes at runtime
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
a6dca9e7a0
add login credential store
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:09 +01:00
ed4017dfb4
fix minor issues
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:48 +01:00
7ae9442f3d
Publish, parse and filter 2FA activities
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:47 +01:00
0cc771ce19
Merge pull request #2353 from nextcloud/renew-session-token-remember
...
copy remember-me value when renewing a session token
2016-11-28 14:04:13 +01:00
2f36920ddf
fix undefined index error when the backup codes provider is not active
...
In users have not created backup codes yet the app is not enabled for that user
and therefore we got an undefined index error because the code assumed it was
always there. It now properly returns null.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-28 08:48:57 +01:00
2183a1f3e6
copy remember-me value when renewing a session token
...
On renew, a session token is duplicated. For some reason we did
not copy over the remember-me attribute value. Hence, the new token
was deleted too early in the background job and remember-me did
not work properly.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:19:57 +01:00
73dfe1835a
use lower loglevel for token cleanup messages
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 10:42:12 +01:00
e77432783b
Add test for setting up fake fs
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:32 +01:00
e5bc80b31d
Adds TokenProvider and Mapper tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 15:24:31 +01:00
4c3d18a9fc
explicit types
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:29 +01:00
a4ea20a259
cast to int
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:29 +01:00
c5df58ec69
phpdoc
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:28 +01:00
7e9e5db496
fix setscope
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:28 +01:00
1afccde16a
allow configuring filesystem access
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
b4e27d35f5
app password scope wip
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
2389e0f250
read lockdown scope from token
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
4da6b20e76
document what the method does
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 17:42:46 +01:00
9d6e01ef40
Add missing tests and fix PHPDoc
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 13:39:17 +01:00
271f2a4cff
Fix typ in constant name
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 13:39:17 +01:00
b269ed5a7b
Fix invalid PHPDocs
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 13:39:17 +01:00
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
8acb734854
add 2fa backup codes app
...
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00
6af2efb679
prevent infinite redirect loops if the there is no 2fa provider to pass
...
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
2016-08-24 10:49:23 +02:00
e90f00791d
add invalidateOldTokens to IProvider interface
2016-08-02 12:08:13 +02:00
681ac9f19f
Check if an app provide two-factor-auth providers before we try to use them
2016-07-23 13:26:57 +02:00
ba87db3fcc
Fix others
2016-07-21 18:13:57 +02:00
3db5de95bd
Merge pull request #25172 from owncloud/token-login-validation
...
Token login validation
2016-06-22 13:58:56 +02:00
b805908dca
update session token password on user password change
2016-06-21 10:24:25 +02:00
88b9f5a357
Merge pull request #25162 from owncloud/password-login-forbidden-hint
...
Password login forbidden hint
2016-06-20 17:05:20 +02:00
b0f2878f6e
close cursor after loading a token
2016-06-17 16:13:28 +02:00
0c0a216f42
store last check timestamp in token instead of session
2016-06-17 15:42:28 +02:00
Flávio Gomes da Silva Lisboa
Morris Jobke
Christoph Wurst
Roeland Jago Douma
Joas Schilling
Marcel Waldvogel
Lukas Reschke
Bjoern Schiessle
Martin
Robin Appelman
Robin Appelman
Vincent Petry
Christoph Wurst