bde1150d04
Merge pull request #3004 from nextcloud/fix-installation-css
...
Fixed installation page
2017-01-22 18:28:33 +01:00
927d3865a0
add brute force protection to password reset to make it harder to guess user logins
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-19 10:12:45 +01:00
cdf01feba7
add action to existing brute force protection
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-18 15:25:16 +01:00
622101f2dd
Merge pull request #2918 from nextcloud/encryption-recovery-improvements
...
create new encryption keys on password reset and backup the old one
2017-01-13 11:28:43 +01:00
243c9c0941
fix coding style and increase code coverage
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 11:01:54 +01:00
e077e01bf2
Add a TwoFactorException
...
A Two Factor third party App may throw a TwoFactorException()
with a more detailed error message in case the authentication fails.
The 2FA Controller will then display the message of this Exception
to the user.
Working on #26593
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-01-11 11:01:52 +01:00
e4b3ba6590
Create unified css file and merge all needed data into this file
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-10 17:50:29 +01:00
fcda3a20f4
create new encryption keys on password reset and backup the old one
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-10 17:04:32 +01:00
67467873c2
Removed jquery scss
...
- Switched to setup.css
- Disable scss when displaying the update page
- Improved setup css
- Fixed loading failure of other styles on setup & update page
- Improved scss compiler with an ignore scss compilation option
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-10 11:06:03 +01:00
350b7ebc86
Adds CssControllerTests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 09:42:39 +01:00
1e44a15dd1
No need for the CssManager
...
* It is a simple wrapper we can always add it later if needed
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 09:42:14 +01:00
95d85ba8eb
Do not add ICssManager to OCP
...
We can add it later if needed
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 09:42:13 +01:00
2816177ecb
Code cleanup
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 09:42:13 +01:00
6380d503af
Css cache folder name fix, route fix and various fixes
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-06 09:42:13 +01:00
3b62003c9c
Injection fix and log appname fix
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-06 09:42:13 +01:00
1caaa7f4cd
Appdata integration 2
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-06 09:42:13 +01:00
2f21eaaf47
Use login name to fix password confirm with ldap users
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 12:17:30 +01:00
eff904473d
Set redirect_url on 2FA challenge page
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-23 20:53:26 +01:00
998f235474
Merge pull request #2563 from nextcloud/fix-password-reset
...
fix password reset if encryption is enabled
2016-12-22 11:18:04 +01:00
16bbd3fd7c
fix password reset if encryption is enabled
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-12-08 12:08:05 +01:00
924358ef96
Save the timezone on login again
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-08 10:45:24 +01:00
9eb1ea41ce
Merge pull request #2428 from justin-sleep/upstream
...
Fix #2427 by converting $remember to integer
2016-12-03 11:10:22 +01:00
25a5c655f7
Move integer casting to the top of the chain
...
Signed-off-by: justin-sleep <justin@quarterfull.com>
2016-12-02 14:07:45 -06:00
5c602f3217
Cache all avatar responses
...
* Cache for 30 minutes
* Also cache when avatar can't be found
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-30 09:43:36 +01:00
fb91bf6a5b
Add a signer class for signing
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
6f4cb12be2
Add identity proof
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
d75e35b75e
Introduce the UI for password confirmation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
1baa2b8deb
Move OC\OCS\Person to OCSController
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 19:21:00 +01:00
ac61f64190
Merge pull request #1109 from nextcloud/add-more-secrets-to-password-reset-link
...
Use mail for encrypting the password reset token as well
2016-11-03 22:11:43 +01:00
6d686c213b
[WIP] Use mail for encrypting the password reset token as well
2016-11-03 14:27:26 +01:00
9e6b26dcd0
Add cache 1 day cache to preview endpoint
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
55af6b45f7
More tests
...
* PreviewController test
* PublicPreview test
* Versions Preview test
* Trash Preview test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
5466fbf761
Move Ipreview to more of DI thingy
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
d6f1287ae6
Move file
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
02525fd98b
Move preview endpoint to controller
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
b05fe45d52
Fix avatar on exif rotated images
...
Fixes #1928
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 21:37:11 +02:00
015affb082
Missing returns + autoloader file
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 22:13:09 +02:00
d5589a15d5
Move oc.js to a proper class
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-25 22:03:02 +02:00
656e3f7a24
Check the mimetype before reading the content and catch exception
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-18 16:22:20 +02:00
a1e4b17ff4
Remove unused endpoint
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 10:21:08 +02:00
877cb06bfe
Use magic DI for core controllers
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 10:00:26 +02:00
7c0951244a
Deprecate getEditionString()
2016-09-06 16:05:28 +02:00
6740c627b8
Move AvatarController over to FileDisplayResponse
2016-09-05 15:11:45 +02:00
06fa486706
Merge pull request #1158 from nextcloud/cache_avatars
...
Cache avatars
2016-09-05 15:08:43 +02:00
8acb734854
add 2fa backup codes app
...
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00
0a0c7a9b92
redirect to default app after solving the 2FA challenge
2016-08-30 11:10:45 +02:00
14136295b7
Cache avatars properly
...
* Set proper caching headers for avatars (15 minutes)
* For our own avatar use some extra logic to invalidate when we update
2016-08-30 09:00:16 +02:00
e341bde8b9
Merge pull request #1172 from nextcloud/core_cleanup
...
Core controller cleanup
2016-08-30 08:32:55 +02:00
b1a090f357
AvatarController use proper JSONResponse
...
* Do not rely on DataResponse magic. We want JSON so use JSON
* Fix tests
2016-08-29 21:52:14 +02:00
Lukas Reschke
Bjoern Schiessle
Morris Jobke
Christoph Wurst
Cornelius Kölbel
John Molakvoæ (skjnldsv)
Roeland Jago Douma
Joas Schilling
justin-sleep