nextcloud

Commit Graph

Author	SHA1	Message	Date
Roeland Jago Douma	f03eb7ec3c	Remote wipe support This allows a user to mark a token for remote wipe. Clients that support this can then wipe the device properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Roeland Jago Douma	24d6a28f80	Repair step for link shares Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Joas Schilling	592093079f	Deduplicate index names Signed-off-by: Joas Schilling <coding@schilljs.com>	5 years ago
Joas Schilling	274658629d	Make sure all tables have named indexes Signed-off-by: Joas Schilling <coding@schilljs.com>	5 years ago
Roeland Jago Douma	16cc68a2fe	Add twofactor_providers_uid index Fixes #12943 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Morris Jobke	4d20c4272f	Fix index names * see #11527	5 years ago
Roeland Jago Douma	b82cbe04df	Add uid_owner and uid_initiator share tabe indices Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Robin Appelman	91d3e48ab3	Add filecache index on mtime Gives searching by mtime and "recent" a proper index to use Signed-off-by: Robin Appelman <robin@icewind.nl>	6 years ago
Morris Jobke	393d9aae74	Add a hint that some indexes are not added yet * gives the admin a chance to discover the missing indexes and improve the performance of the instance without digging through the manual * nicely integrated in the setup checks where this kind of hints belong to * also adds an option to integrate this from an app based on events * fix style of setting warnings Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Joas Schilling	ca39940614	Automatic creation of Identity manager Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Joas Schilling	d418ea550b	Automatic injection for CssController Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Joas Schilling	9c8fe82000	Automatic injection for JsController Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Morris Jobke	5b4adf66e5	Move OC_Defaults to OCP\Defaults * currently there are two ways to access default values: OCP\Defaults or OC_Defaults (which is extended by OCA\Theming\ThemingDefaults) * our code used a mixture of both of them, which made it hard to work on theme values * this extended the public interface with the missing methods and uses them everywhere to only rely on the public interface Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Roeland Jago Douma	8e89ad21a2	[PoC] JS Combiner Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Joas Schilling	246affb1a0	Use correct theming when returning the defaults Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Roeland Jago Douma	1e44a15dd1	No need for the CssManager * It is a simple wrapper we can always add it later if needed Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	95d85ba8eb	Do not add ICssManager to OCP We can add it later if needed Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Lukas Reschke	6f4cb12be2	Add identity proof Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	7 years ago
Lukas Reschke	6d686c213b	[WIP] Use mail for encrypting the password reset token as well	7 years ago
Joas Schilling	bc8186e4c5	Clean up core/Application a bit more Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Joas Schilling	a1e4b17ff4	Remove unused endpoint Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Joas Schilling	877cb06bfe	Use magic DI for core controllers Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Roeland Jago Douma	c0ed865ab2	UserController does not require Defaults	7 years ago
Roeland Jago Douma	36481a0a2a	Remove unused core wrappers	7 years ago
Roeland Jago Douma	2f03853fb9	AvatarController cleanup * Use all DI components * Let the AppFramework resolve the AvatarController * Update unit tests * Unit tests no longer require DB	7 years ago
Roeland Jago Douma	02449c8336	Move getCapabilities over to Core	7 years ago
Joas Schilling	ba87db3fcc	Fix others	8 years ago
Lukas Reschke	ba4f12baa0	Implement brute force protection Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)	8 years ago
Joas Schilling	2c988ecbf4	Use the themed Defaults everywhere	8 years ago
Morris Jobke	2791b8f00d	Revert "occ web executor (#24957)" This reverts commit `854352d9a0`.	8 years ago
VicDeo	854352d9a0	occ web executor (#24957) * Initial web executor * Fix PHPDoc Fix broken integration test OccControllerTests do not require database access - moch them all! Kill unused sprintf	8 years ago
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	8 years ago
Christoph Wurst	60e15e934c	do not generate device token if 2FA is enable for user	8 years ago
Christoph Wurst	8f7a4aaa4d	do not generate device token if 2FA is enable for user	8 years ago
Lukas Reschke	aba539703c	Update license headers	8 years ago
Christoph Wurst	dfb4d426c2	Add two factor auth to core	8 years ago
Christoph Wurst	53636c73d6	Add controller to generate client tokens	8 years ago
Christoph Wurst	d8cde414bd	token based auth * Add InvalidTokenException * add DefaultTokenMapper and use it to check if a auth token exists * create new token for the browser session if none exists hash stored token; save user agent * encrypt login password when creating the token	8 years ago
Lukas Reschke	8222ad5157	Move logout to controller Testable code. Yay.	8 years ago
Lukas Reschke	331e4efacb	Move login form into controller First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.	8 years ago
Lukas Reschke	433c0160b6	Move OC\Core and OC\Settings to composer autoloader	8 years ago
Morris Jobke	d6a63016ae	move lost controller to core/controller * lostpassword.css is unneeded since #11696 is merged - `1b50d4f7ce` * js is already in core/js * css is moved to core/css/lostpassword * template is moved to core/templates/lostpassword	8 years ago
Morris Jobke	c2a1a02fe4	move user controller to core/controller	8 years ago
Morris Jobke	b97fe97875	move avatar controller to core/controller	8 years ago
Thomas Müller	682821c71e	Happy new year!	8 years ago
Lukas Reschke	8f09d5b67c	Update license headers	8 years ago
Lukas Reschke	abdbf10ebc	Do not print exception message In case of an error the error message often contains sensitive data such as the full path which potentially leads to a full path disclosure. Thus the error message should not directly get displayed to the user and instead be logged.	8 years ago
Lukas Reschke	db4cb1dd4d	Expire token after 12h and if user logged-in again As an hardening measure we should expire password reset tokens after 12h and if the user has logged-in again successfully after the token was requested.	8 years ago
Roeland Jago Douma	65cf4028cc	Move avatarcontroller towards Node Api	9 years ago

40 Commits (d37a8445470724eaac32631f76ebb199c7d881ed)