Christoph Wurst
b824706ec5
check same URL in unit tests
2016-09-21 12:57:43 +02:00
Christoph Wurst
8c82628622
redirect to default app after solving the 2FA challenge
2016-09-21 12:57:37 +02:00
Lukas Reschke
1f177aa105
Use getMockBuilder instead of createMock
2016-08-16 21:36:59 +02:00
Lukas Reschke
737591f239
Merge pull request #858 from nextcloud/stable10-when-logged-in-then-just-redirect-to-redirected-page
...
[stable10] when logged in then just redirect to redirected page
2016-08-16 18:13:24 +02:00
Roeland Jago Douma
a8ba573ba9
We have to mock the is_uploaded_file in the OC\Core\Controller namespace
2016-08-15 20:09:48 +02:00
Roeland Jago Douma
b860fa7125
Fix mock call in AvatarControllerTest
2016-08-15 20:09:37 +02:00
Lukas Reschke
5e9c7d3ff3
Use generated URL
2016-08-15 19:26:24 +02:00
Lukas Reschke
ab9a8ce952
Fix tests for LoginController
2016-08-15 17:52:54 +02:00
Lukas Reschke
9ac6b83687
Use createMock instead of deprecated getMock
2016-08-13 21:04:16 +02:00
Lukas Reschke
be1e64486f
Redirect users when already logged-in on login form
2016-08-13 21:04:10 +02:00
Lukas Reschke
c1589f163c
Mitigate race condition
2016-07-20 23:09:27 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Morris Jobke
2791b8f00d
Revert "occ web executor ( #24957 )"
...
This reverts commit 854352d9a0
.
2016-07-07 12:14:45 +02:00
VicDeo
854352d9a0
occ web executor ( #24957 )
...
* Initial web executor
* Fix PHPDoc
Fix broken integration test
OccControllerTests do not require database access - moch them all!
Kill unused sprintf
2016-06-22 13:12:36 +02:00
Thomas Müller
232d735893
Do not leak the login name - fixes #25047
2016-06-09 16:44:31 +02:00
Vincent Petry
7dcc47dc94
Merge pull request #25011 from owncloud/issue-24745-allow-to-cancel-2fa
...
Allow to cancel 2FA after login
2016-06-08 10:27:21 +02:00
Joas Schilling
3e3b326c85
Allow to cancel 2FA after login
2016-06-07 18:17:29 +02:00
Christoph Wurst
8f7a4aaa4d
do not generate device token if 2FA is enable for user
2016-06-07 09:09:51 +02:00
Christoph Wurst
5e71d23ded
remember redirect_url when solving the 2FA challenge
2016-06-01 14:43:47 +02:00
Vincent Petry
7f20203006
Merge pull request #24836 from owncloud/auth-tests-to-psr4
...
Move parallel merged auth tests to PSR-4
2016-05-25 15:15:19 +02:00
Joas Schilling
8afbd80328
Move parallel merged auth tests to PSR-4
2016-05-25 12:02:05 +02:00
Vincent Petry
25e6026fa6
Merge pull request #24735 from juliushaertl/passwordreset-invalid
...
Show error messages if a password reset link is invalid or expired
2016-05-25 11:08:46 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
Julius Haertl
d065980814
Add more tests for OC\Core\Controller\LostController
...
- remove testResetFormUnsuccessful as it is now splitted up in different test cases
- add testResetFormInvalidToken to check if timestamp and token are present
- add testResetFormInvalidTokenMatch to check if the saved token matches the provided
- add testResetFormExpiredToken to check if expiration detection works
- add testResetFormValidToken to check if detection of valid tokens works
2016-05-23 16:48:10 +02:00
Christoph Wurst
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
Joas Schilling
392bc0c6b9
Move tests/core/ to PSR-4
2016-05-19 11:18:25 +02:00