nextcloud

ツリー: e11a523ce9

作成者	SHA1	メッセージ	日付
Roeland Jago Douma	8cb6bb3987	Make ISession strict * Make all implementations strict * Add scalar types Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6年前
Morris Jobke	fe0dbe7fb7	Fix type in CryptoSessionData Found while adding strict typing for PHP7+. Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6年前
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6年前
Victor Dubiniuk	131df248ef	Catch session already closed exception in destructor	7年前
Roeland Jago Douma	bb94b39745	Do not clear CSRF token on logout (fix for #1303) This is a hacky way to allow the use case of #1303. What happens is 1. User tries to login 2. PreLoginHook kicks in and figures out that the user need to change their LDAP password or whatever => redirects user 3. While loading the redirect some logic of ours kicks in and logouts the user (thus clearing the session). 4. We render the new page but now the session and the page disagree about the CSRF token This is kind of hacky but I don't think it introduces new attack vectors. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7年前
Joas Schilling	ba87db3fcc	Fix others	8年前
Lukas Reschke	aba539703c	Update license headers	8年前
Christoph Wurst	e93bf80b29	throw SessionNotAvailableException if session_id returns empty string	8年前
Christoph Wurst	0d53e86421	add ISession::getId() wrapper for session_id	8年前
Roeland Jago Douma	e2c36c2903	Move \OC\Session to PSR-4	8年前
Thomas Müller	682821c71e	Happy new year!	8年前
Lukas Reschke	fec41e7539	Move regeneration of session ID into session classes There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.	8年前
Morris Jobke	b945d71384	update licence headers via script	8年前
Lukas Reschke	0b91087489	Write to session in batch at the end of the request	8年前
Lukas Reschke	e579dd62fd	Write session data to single key This prevents decrypting values multiple times.	8年前
Lukas Reschke	6a3fb0d3b3	Handle failures gracefully, remove switch	9年前
Joas Schilling	36eef2ddab	Add a session wrapper to encrypt the data before storing it on disk	9年前

10 コミット (e11a523ce9c8920ae1e3bb1509f232af03e69562)