nextcloud

コミットグラフ

作成者	SHA1	メッセージ	日付
Andy Scherzinger	e07a190641	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	6日前
Christoph Wurst	22dc27810e	fix(auth): Keep redirect URL during 2FA setup and challenge Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	1ヶ月前
Alexander Piskun	26d343d33a	AppAPI: allowed to bypass Two-Factor Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	5ヶ月前
Faraz Samapoor	e98cf3c374	Uses PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>	11ヶ月前
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	1年前
Christoph Wurst	df908c728a	Enable strict types for the 2FA middleware Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2年前
Christoph Wurst	74b1bf1d1c	Fix setting up 2FA when no providers are set up but backup codes 2FA set up is allowed when only backup codes are set up but no other provider and no provider is failing. This patch syncs up the login controller check with the challenge controller check 10 lines above. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2年前
Christoph Wurst	c8caba265f	Explicitly allow some routes without 2FA Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2年前
Joas Schilling	3710eca104	Allow "TwoFactor Nextcloud Notifications" to pull the state of the 2FA again Signed-off-by: Joas Schilling <coding@schilljs.com>	2年前
Lukas Reschke	7c1038bfb3	Remove 2FA exemption from PublicPage annotation Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2年前
Christoph Wurst	2fca843cc0	Fix setting up 2FA providers when 2FA is enforced and bc are generated When a user has backup codes generated and got their 2FA enforced then they should be able to set up TOTP and similar providers during the login. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2年前
Lukas Reschke	04fa36d411	Improve provider check Check if there is a provider missing. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2年前
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3年前
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4年前
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4年前
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4年前
Roeland Jago Douma	2cf068463f	Harden middleware check These annotations will allow for extra checks. And thus make it harder to break things. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	4年前
Roeland Jago Douma	579162d7b9	Allow 2FA to be setup on first login Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5年前
Roeland Jago Douma	8c77882794	No need to check 2fa state on apptoken logins If you login with an apptoken there is no need to check 2FA state as this does not apply to apptokens. Not checking saves us a query on each request made from a client. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5年前
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6年前
Lukas Reschke	f93a82b8b0	Remove explicit type hints for Controller This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	6年前
Roeland Jago Douma	3548603a88	Fix middleware implementations signatures Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6年前
Joas Schilling	72c1b24844	Check whether the $_SERVER['REQUEST_*'] vars exist before using them Signed-off-by: Joas Schilling <coding@schilljs.com>	7年前
Christoph Wurst	6af2efb679	prevent infinite redirect loops if the there is no 2fa provider to pass This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.	7年前
Roeland Jago Douma	33f1532079	Throw exception if you don't handle it	7年前
Joas Schilling	ba87db3fcc	Fix others	7年前
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	8年前
Joas Schilling	7f88645eab	Allow to cancel 2FA after login	8年前
Joas Schilling	3e3b326c85	Allow to cancel 2FA after login	8年前
Christoph Wurst	5e71d23ded	remember redirect_url when solving the 2FA challenge	8年前
Lukas Reschke	aba539703c	Update license headers	8年前
Christoph Wurst	847bbc51b6	add OCC command to enable/disable 2FA for a user	8年前
Christoph Wurst	dfb4d426c2	Add two factor auth to core	8年前

31 コミット (master)