Commit Graph

289 Commits

Author SHA1 Message Date
Roeland Jago Douma 78273cb1e6
Add an endppoint for clients to request an app password
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 19:05:20 +02:00
Roeland Jago Douma d9febae5b2
Update all the publickey tokens if needed on web login
* On weblogin check if we have invalid public key tokens
* If so update them all with the new token

This ensures that your marked as invalid tokens work again if you once
login on the web.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
blizzz ef97ef72f6
Merge pull request #10743 from danielkesselberg/bugfix/noid/allow-password-reset-for-duplicate-email
Enable password reset for user with same email address when only one is active
2018-09-13 10:48:30 +02:00
Roeland Jago Douma be2d8cc4e9
Do not invalidate main token on OAuth
Fixes #10584

We deleted the main token when using the login flow else mutliple tokens
would show up for a single user.

However in the case of OAuth this is perfectly fine as the
authentication happens really in your browser:

1. You are already logged in, no need to log you out
2. You are not logged in yet, but since you log in into the exact same
browser the expected behavior is to stay logged in.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-06 08:30:52 +02:00
Morris Jobke cf3f4888cc
Change password expiration time from 12h to 7d
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-31 13:31:03 +02:00
Morris Jobke 6099786c8d
Merge pull request #10670 from nextcloud/fix/login-throttle-username-length
Fix max length requirements for the throttler metadata
2018-08-24 16:25:35 +02:00
Daniel Kesselberg 031fdfb1fc
Enable password reset for user with same email address when only one is active
When two or more user share the same email address its not possible to
reset password by email. Even when only one account is active.

This pr reduce list of users returned by getByEmail by disabled users.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-19 16:32:46 +02:00
Bjoern Schiessle dfec66ca02
only warn about data lose on password reset if per-user keys are used
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-15 15:08:34 +02:00
Christoph Wurst 42300d19e9
Fix max length requirements for the throttler metadata
If a failed login is logged, we save the username as metadata
in the bruteforce throttler. To prevent database error due to
very long strings, this truncates the username at 64 bytes in
the assumption that no real username is longer than that.long strings,

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-13 15:52:09 +02:00
Christoph Wurst d8197f2b97
Rename providerset method to get primary providers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 20:28:21 +02:00
Christoph Wurst c6e47e8a51
Fix login redirection if only one 2FA provider is active
Fixes https://github.com/nextcloud/server/issues/10500.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 15:25:59 +02:00
Joas Schilling decd196162
Make the info available if the avatar was uploaded or generated
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-01 10:56:22 +02:00
Morris Jobke 70fa73404f
Merge pull request #10391 from nextcloud/bugfix/10389/fix-app-navigation-controller
Fix app navigation controller to return an array
2018-07-25 14:11:49 +02:00
Julius Härtl 4c773891d7
Fix app navigation controller to return an array
This is required to not break compatibility with existing consumers of that endpoint like the apps management or the client

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-07-25 13:50:46 +02:00
Joas Schilling 12efde520d
Allow to access SVGs as guest
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-07-25 12:05:18 +02:00
Michael Weimann c92d7429d7 Implements handling for deactivated users
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-07-21 13:05:13 +02:00
John Molakvoæ (skjnldsv) 37a4d2bbbc
Php code bump
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 22:46:32 +02:00
Julius Härtl bfc6fc8e50
Fix settings icon fetching
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-07-19 08:17:00 +02:00
John Molakvoæ (skjnldsv) 61946819ba
Fixed svg generator regex && added missing icons
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:59 +02:00
John Molakvoæ (skjnldsv) 9e5885963c
Fixed icons detection and caching
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:58 +02:00
John Molakvoæ (skjnldsv) 8977c71f88
Mixin scss icon api
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:58 +02:00
John Molakvoæ (skjnldsv) ccd70a4099
use built in response cacheFor function
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:58 +02:00
John Molakvoæ (skjnldsv) 29ff7efe9a
Svg icon api sass function and upgrade of all styles
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:57 +02:00
John Molakvoæ (skjnldsv) 98a0113d40
Svg from app
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:30 +02:00
John Molakvoæ (skjnldsv) 84e90e26c0
Svg color api
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:30 +02:00
Arthur Schiwon ca6094f390
wire the frontend
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 20:29:00 +02:00
Arthur Schiwon 772bbd99be
Backend work to provide NC whats New info to users
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 14:33:08 +02:00
Morris Jobke 9444a3fad1
Merge pull request #9632 from nextcloud/enhancement/stateful-2fa-providers
Stateful 2fa providers
2018-06-25 15:49:58 +02:00
Robin Appelman 8ed50d4b63
prefill userid for login after password reset
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-06-21 15:18:07 +02:00
Christoph Wurst 13d93f5b25
Make 2FA providers stateful
This adds persistence to the Nextcloud server 2FA logic so that the server
knows which 2FA providers are enabled for a specific user at any time, even
when the provider is not available.

The `IStatefulProvider` interface was added as tagging interface for providers
that are compatible with this new API.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-06-20 08:30:26 +02:00
John Molakvoæ (skjnldsv) 543188d0cb
Removed debug stack
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-15 15:40:10 +02:00
John Molakvoæ (skjnldsv) 156da29cea
Avatar imagick bump
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-13 18:46:05 +02:00
John Molakvoæ (skjnldsv) eea6f74ca4
Controller tests fixes
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-13 18:46:04 +02:00
John Molakvoæ (skjnldsv) adf3856d35
Return Svg avatars
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-13 18:46:04 +02:00
Roeland Jago Douma e5cc8be9d5
Fix usage
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-04 08:48:54 +02:00
Morris Jobke 245d20f9ac
Merge pull request #9531 from remyj38/master
Fix translation bug on lost password page
2018-05-22 16:31:30 +02:00
Roeland Jago Douma 5a97148863
Don't use special chars to avoid confusion
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Rémy Jacquin 04e1cab5ee
Fix translation bug on lost password page
Fix nextcloud/password_policy#26

Signed-off-by: Rémy Jacquin <remy@remyj.fr>
2018-05-20 12:51:50 +02:00
Arthur Schiwon 38a90130ce
move log constants to ILogger
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Roeland Jago Douma a07f6d46e3
Use proper types
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-11 00:21:25 +02:00
Morris Jobke fd3c97b93b
Avoid to leak a user ID that is not a string to reach a user backend
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-11 00:03:30 +02:00
Roeland Jago Douma b2350810e0
Merge pull request #9115 from nextcloud/feature/noid/login_flow_wording
Improve login flow
2018-04-09 08:45:27 +02:00
Roeland Jago Douma 177c8972cc
Improve login flow
* Add page explaining you are about to grant access
* Show grant access page after login

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-08 13:42:36 +02:00
Roeland Jago Douma 33b93db953
Remove unused parameter
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-06 21:44:23 +02:00
Roeland Jago Douma 2b7d4d5069
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-06 19:58:37 +02:00
Roeland Jago Douma caee215120
Always remember me
Fixes #8004

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-06 15:44:28 +02:00
Joas Schilling dabd7291c3
Make the new autocomplete endpoint OCS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-03-21 09:46:52 +01:00
Roeland Jago Douma 796b4f19f8
Add Cache-control: immutable
Cache generated CSS forever!
Also cache combined JS forever
Fix tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-19 14:21:53 +01:00
Roeland Jago Douma 7674e591bd
Move search to proper Controller
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-09 14:36:48 +01:00
Christoph Wurst b9720703e8 Add CSRF token controller to retrieve the current CSRF token
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-03-08 16:48:50 +01:00