nextcloud

Commit graph

Autor	SHA1	Nachricht	Datum
Andy Scherzinger	e07a190641	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	vor 6 Tagen
Christoph Wurst	22dc27810e	fix(auth): Keep redirect URL during 2FA setup and challenge Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 1 Monat
Alexander Piskun	26d343d33a	AppAPI: allowed to bypass Two-Factor Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	vor 5 Monaten
Faraz Samapoor	e98cf3c374	Uses PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>	vor 11 Monaten
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	vor 1 Jahr
Christoph Wurst	df908c728a	Enable strict types for the 2FA middleware Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 2 Jahren
Christoph Wurst	74b1bf1d1c	Fix setting up 2FA when no providers are set up but backup codes 2FA set up is allowed when only backup codes are set up but no other provider and no provider is failing. This patch syncs up the login controller check with the challenge controller check 10 lines above. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 2 Jahren
Christoph Wurst	c8caba265f	Explicitly allow some routes without 2FA Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 2 Jahren
Joas Schilling	3710eca104	Allow "TwoFactor Nextcloud Notifications" to pull the state of the 2FA again Signed-off-by: Joas Schilling <coding@schilljs.com>	vor 2 Jahren
Lukas Reschke	7c1038bfb3	Remove 2FA exemption from PublicPage annotation Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	vor 2 Jahren
Christoph Wurst	2fca843cc0	Fix setting up 2FA providers when 2FA is enforced and bc are generated When a user has backup codes generated and got their 2FA enforced then they should be able to set up TOTP and similar providers during the login. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 2 Jahren
Lukas Reschke	04fa36d411	Improve provider check Check if there is a provider missing. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	vor 2 Jahren
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	vor 3 Jahren
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 4 Jahren
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 4 Jahren
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 4 Jahren
Roeland Jago Douma	2cf068463f	Harden middleware check These annotations will allow for extra checks. And thus make it harder to break things. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	vor 4 Jahren
Roeland Jago Douma	579162d7b9	Allow 2FA to be setup on first login Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	vor 5 Jahren
Roeland Jago Douma	8c77882794	No need to check 2fa state on apptoken logins If you login with an apptoken there is no need to check 2FA state as this does not apply to apptokens. Not checking saves us a query on each request made from a client. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	vor 5 Jahren
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	vor 6 Jahren
Lukas Reschke	f93a82b8b0	Remove explicit type hints for Controller This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	vor 6 Jahren
Roeland Jago Douma	3548603a88	Fix middleware implementations signatures Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	vor 6 Jahren
Joas Schilling	72c1b24844	Check whether the $_SERVER['REQUEST_*'] vars exist before using them Signed-off-by: Joas Schilling <coding@schilljs.com>	vor 7 Jahren
Christoph Wurst	6af2efb679	prevent infinite redirect loops if the there is no 2fa provider to pass This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.	vor 7 Jahren
Roeland Jago Douma	33f1532079	Throw exception if you don't handle it	vor 7 Jahren
Joas Schilling	ba87db3fcc	Fix others	vor 7 Jahren
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	vor 8 Jahren
Joas Schilling	7f88645eab	Allow to cancel 2FA after login	vor 8 Jahren
Joas Schilling	3e3b326c85	Allow to cancel 2FA after login	vor 8 Jahren
Christoph Wurst	5e71d23ded	remember redirect_url when solving the 2FA challenge	vor 8 Jahren
Lukas Reschke	aba539703c	Update license headers	vor 8 Jahren
Christoph Wurst	847bbc51b6	add OCC command to enable/disable 2FA for a user	vor 8 Jahren
Christoph Wurst	dfb4d426c2	Add two factor auth to core	vor 8 Jahren

31 Commits (master)