nextcloud

Commit Graph

Autor	SHA1	Mensaje	Fecha
Christoph Wurst	df908c728a	Enable strict types for the 2FA middleware Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 2 años
Christoph Wurst	74b1bf1d1c	Fix setting up 2FA when no providers are set up but backup codes 2FA set up is allowed when only backup codes are set up but no other provider and no provider is failing. This patch syncs up the login controller check with the challenge controller check 10 lines above. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 2 años
Christoph Wurst	c8caba265f	Explicitly allow some routes without 2FA Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 2 años
Joas Schilling	3710eca104	Allow "TwoFactor Nextcloud Notifications" to pull the state of the 2FA again Signed-off-by: Joas Schilling <coding@schilljs.com>	hace 2 años
Lukas Reschke	7c1038bfb3	Remove 2FA exemption from PublicPage annotation Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	hace 2 años
Christoph Wurst	2fca843cc0	Fix setting up 2FA providers when 2FA is enforced and bc are generated When a user has backup codes generated and got their 2FA enforced then they should be able to set up TOTP and similar providers during the login. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 2 años
Lukas Reschke	04fa36d411	Improve provider check Check if there is a provider missing. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	hace 3 años
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	hace 3 años
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 4 años
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 4 años
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 4 años
Roeland Jago Douma	2cf068463f	Harden middleware check These annotations will allow for extra checks. And thus make it harder to break things. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	hace 4 años
Roeland Jago Douma	579162d7b9	Allow 2FA to be setup on first login Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	hace 5 años
Roeland Jago Douma	8c77882794	No need to check 2fa state on apptoken logins If you login with an apptoken there is no need to check 2FA state as this does not apply to apptokens. Not checking saves us a query on each request made from a client. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	hace 5 años
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	hace 6 años
Lukas Reschke	f93a82b8b0	Remove explicit type hints for Controller This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	hace 7 años
Roeland Jago Douma	3548603a88	Fix middleware implementations signatures Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	hace 7 años
Joas Schilling	72c1b24844	Check whether the $_SERVER['REQUEST_*'] vars exist before using them Signed-off-by: Joas Schilling <coding@schilljs.com>	hace 7 años
Christoph Wurst	6af2efb679	prevent infinite redirect loops if the there is no 2fa provider to pass This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.	hace 7 años
Roeland Jago Douma	33f1532079	Throw exception if you don't handle it	hace 8 años
Joas Schilling	ba87db3fcc	Fix others	hace 8 años
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	hace 8 años
Joas Schilling	7f88645eab	Allow to cancel 2FA after login	hace 8 años
Joas Schilling	3e3b326c85	Allow to cancel 2FA after login	hace 8 años
Christoph Wurst	5e71d23ded	remember redirect_url when solving the 2FA challenge	hace 8 años
Lukas Reschke	aba539703c	Update license headers	hace 8 años
Christoph Wurst	847bbc51b6	add OCC command to enable/disable 2FA for a user	hace 8 años
Christoph Wurst	dfb4d426c2	Add two factor auth to core	hace 8 años

26 Commits (601664bc84e91b752ab6e6251510b559a5a676fc)