Christoph Wurst
d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
8 years ago
Thomas Müller
7aca13f14c
Allow login by email address
8 years ago
Thomas Müller
739dfb5c66
Suggest cli based updater in case the instance is bigger - #23913
8 years ago
Lukas Reschke
fee95084ae
Rename `username` to `loginName`
UID and login name are two different things.
8 years ago
Lukas Reschke
331e4efacb
Move login form into controller
First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.
8 years ago
Thomas Müller
fdee771aca
Add unit testing capabilities for templates (#23708)
Add unit testing capabilities for templates
8 years ago
Morris Jobke
22898fa107
Use proper shortcut methods in templates
8 years ago
Morris Jobke
1f7e02e4d4
Add detailed logs hidden and show them on request
8 years ago
Thomas Müller
1bf4c75e8b
Show individual sql schema migration steps during upgrade - on web as well as on the command line
8 years ago
Stefan Weil
62a5952a72
core: Fix typos (found by codespell)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
8 years ago
Lukas Reschke
6ad957906e
Consistently use rel=noreferrer
When linking to external entities we should consistently use rel=noreferrer
8 years ago
Daniel Aleksandersen
7a45f05ed5
Stupid clients only literally understand rel="icon"
rel="shortcut icon" hasn’t been relevant in years, isn’t in any
standards, and causes problems for simple pattern matching clients.
https://www.w3.org/TR/html/links.html#linkTypes
8 years ago
Vincent Chan
06b2f11e57
refactoring code
8 years ago
Vincent Chan
e7859f705c
Remember previous state of remember login checkbox
fixes #22205
8 years ago
Lukas Reschke
abc675d87e
Move update notification code into app
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.
Furthermore also makes some more code unit-testable...
8 years ago
Vincent Petry
3b581b051f
Expose display name in JS side
Adds a new method `OC.getCurrentUser` to get both the user id and
display name Could be used for a future Js
8 years ago
Morris Jobke
75e6734ef4
Remove OC_Helper::imagePath and use the proper public interface
8 years ago
Morris Jobke
d6a63016ae
move lost controller to core/controller
* lostpassword.css is unneeded since #11696 is merged - 1b50d4f7ce
* js is already in core/js
* css is moved to core/css/lostpassword
* template is moved to core/templates/lostpassword
8 years ago
Hendrik Leppelsack
99b9ec41c1
support print stylesheets
9 years ago
Roeland Jago Douma
7e44ea5da0
Remove deprecated function OC_User::getManager
Private deprecated function => removed
Replaced all instances with suggested replacement
8 years ago
Roeland Jago Douma
19eeb23b91
OC_Helper::linkTo is deprecated
Replaced with suggested (and calling body of)
8 years ago
Lukas Reschke
4b293dffe5
Use \OCP\Util::sanitizeHTML instead of \OC_Util::sanitizeHTML
8 years ago
Joas Schilling
f8f3c9ecf9
Remove password reset when the user can not change the password
8 years ago
Lukas Reschke
f3e9106864
Don't trust update server
In case the update server may deliver malicious content this would allow an adversary to inject arbitrary HTML into the response. So very bad stuff.
While signing the response would be better and something we can also do in the future (considering the code signing work), this is already a good first start.
8 years ago
Jan-Christoph Borchardt
cd88854369
update page: fix heading whitespace and unbold less important sections
8 years ago
Jürgen Weigert
b167eb743f
Update untrustedDomain.php
8 years ago
Jan-Christoph Borchardt
93f9577258
do not bold header of update screen
8 years ago
maprambo
edb1fee610
Added Safari tabbed pin icon
Added the necessary code and a black and inverted version of the favicon/ touch icon in svg format
8 years ago
Morris Jobke
069ed71dbe
Add favicon for IE 8+
9 years ago
Hendrik Leppelsack
cf0ebfc7aa
don't validate searchbox
8 years ago
Hendrik Leppelsack
9669a2be78
keep searchbox open if it is in action
8 years ago
Joas Schilling
f04151f69b
Close the user menu when clicking it again
8 years ago
Jan-Christoph Borchardt
a05ea0fb1e
remove unneeded icons from input fields to not distract from submit button, fix #18940
8 years ago
Stephen Colebrook
6feb31bf96
Allow separate templates for internal and external share notifications
9 years ago
Jan-Christoph Borchardt
aed9b2a626
change wording from 'remember' to more understandable 'Stay logged in'
8 years ago
Vincent Petry
bf2a876094
Fix login arrow in login page
8 years ago
Hendrik Leppelsack
c23cac3322
fix login
8 years ago
Hendrik Leppelsack
88bc478055
use label:before instead of label
8 years ago
Raghu Nayyar
7ccd02ec95
Fixes white and black checkboxes in core, files will be next.
8 years ago
Roeland Jago Douma
c39db52cfa
Use srcset to select best avatar size
* Allow the browser to select the best available avatar for the screen
9 years ago
Raghu Nayyar
1d9128c557
Squashing all commits in one, remove typos.
8 years ago
Lukas Reschke
436c149fbb
Prevent referer from being sent
Nice hardening for enhanced privacy. Especially useful when using embedded viewers such as files_pdfviewer.
8 years ago
Jan-Christoph Borchardt
acc9fa49fc
use SVG for toggle image instead of PNG, fix installation and personal settings toggle
8 years ago
Christoph Wurst
ba9457264f
add title attribute for the login button
8 years ago
Jan-Christoph Borchardt
cea3247d49
show feedback spinner for log in process
8 years ago
Jan-Christoph Borchardt
2a935f1b47
move log in button into fields and use icon instead of text
8 years ago
Jan-Christoph Borchardt
f21cf516da
fix wording of update header
9 years ago
Vincent Petry
a2674b2b30
Additions to update page
Apps to update and to disable will always be shown.
Main title changes only when apps need updated, not core.
Added bullet style.
Exclude incompatible apps from updated apps list.
9 years ago
Vincent Petry
b919ae96f0
Display app names in update page for app updates
Whenever the update page is displayed for apps, show app names instead
of the core update text.
9 years ago
Lukas Reschke
df2ce8a075
Remove search box $_POST since it is unused
9 years ago