813f0a0f40
Fix apps/
2016-07-21 18:13:57 +02:00
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
2c988ecbf4
Use the themed Defaults everywhere
2016-07-15 09:17:30 +02:00
5a8cfab68f
throw PasswordLoginForbidden on DAV
2016-06-17 11:30:24 +02:00
82b50d126c
add PasswordLoginForbiddenException
2016-06-17 11:02:07 +02:00
331d88bcab
create session token on all APIs
2016-06-13 15:38:34 +02:00
67c3a97401
Merge pull request #25046 from owncloud/fix-the-realm
...
Use the correct realm for basic authentication
2016-06-10 10:41:46 +02:00
cf06b17df1
Use the correct realm for basic authentication - fixes #23427
2016-06-09 13:53:32 +02:00
f20c617154
Allow login by email address via webdav as well - fixes #24791
2016-06-09 12:08:49 +02:00
da03a85c3c
block DAV if 2FA challenge needs to be solved first
2016-06-01 10:42:38 +02:00
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled
2016-05-24 17:54:02 +02:00
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
dd9ee10bc0
Move dav app to PSR-4 ( #24527 )
...
* Move Application to correct namespace and PSR-4 it
* Move dav app to PSR-4
2016-05-12 09:42:40 +02:00
Joas Schilling
Lukas Reschke
Christoph Wurst
Vincent Petry
Thomas Müller
Lukas Reschke
Joas Schilling