summaryrefslogtreecommitdiffstats
path: root/core/Controller/LostController.php
Commit message (Collapse)AuthorAgeFilesLines
* Fix translation bug on lost password pageRémy Jacquin2018-05-201-0/+3
| | | | | | Fix nextcloud/password_policy#26 Signed-off-by: Rémy Jacquin <remy@remyj.fr>
* Fix existing usagesJoas Schilling2018-02-151-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* never translate login names when requiring with a user idArthur Schiwon2018-01-031-0/+6
| | | | | | where appropriate, the preLoginNameUsedAsUserName hook should be thrown. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Update license headersMorris Jobke2017-11-061-0/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Set the data from the templateJoas Schilling2017-10-181-3/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Set the subject with the email template to allow themingJoas Schilling2017-10-181-1/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge setMetaData into constructorJoas Schilling2017-09-041-2/+1
| | | | | | This ensures that the meta data is set in the beginning Signed-off-by: Joas Schilling <coding@schilljs.com>
* Also for reset passwordJoas Schilling2017-08-241-0/+3
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* No password reset for disabled usersJoas Schilling2017-08-181-3/+12
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Cleanup legacy user class from unused methodsMorris Jobke2017-07-241-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Disable the API endpoints as wellJoas Schilling2017-05-111-0/+16
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #4443 from nextcloud/cleanup-unused-importsJoas Schilling2017-04-241-1/+0
|\ | | | | Remove unused use statements
| * Remove unused use statementsMorris Jobke2017-04-221-1/+0
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Add at most 10 password reset requests per 5 minutes and IP rangeLukas Reschke2017-04-221-0/+1
|/ | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Rename renderHTML to renderHtmlMorris Jobke2017-04-191-1/+1
| | | | | | | * fixes #4383 * improves consistency Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Adjust existing bruteforce protection codeLukas Reschke2017-04-141-3/+8
| | | | | | | - Moves code to annotation - Adds the `throttle()` call on the responses on existing annotations Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Merge pull request #4308 from nextcloud/lost-password-emailLukas Reschke2017-04-131-4/+18
|\ | | | | Update email template for lost password email
| * Update email template for lost password emailMorris Jobke2017-04-121-4/+18
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Add support for ratelimiting via annotationsLukas Reschke2017-04-131-1/+1
|/ | | | | | | | | | | | | This allows adding rate limiting via annotations to controllers, as one example: ``` @UserRateThrottle(limit=5, period=100) @AnonRateThrottle(limit=1, period=100) ``` Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Move OC_Defaults to OCP\DefaultsMorris Jobke2017-04-091-3/+4
| | | | | | | | | | | | | * currently there are two ways to access default values: OCP\Defaults or OC_Defaults (which is extended by OCA\Theming\ThemingDefaults) * our code used a mixture of both of them, which made it hard to work on theme values * this extended the public interface with the missing methods and uses them everywhere to only rely on the public interface Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Allow to reset the password with the email as an inputJoas Schilling2017-03-281-13/+26
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* add brute force protection to password reset to make it harder to guess user ↵Bjoern Schiessle2017-01-191-0/+1
| | | | | | logins Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* create new encryption keys on password reset and backup the old oneBjoern Schiessle2017-01-101-5/+2
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* fix password reset if encryption is enabledBjoern Schiessle2016-12-081-1/+7
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* [WIP] Use mail for encrypting the password reset token as wellLukas Reschke2016-11-031-5/+31
|
* Use magic DI for core controllersJoas Schilling2016-09-301-9/+10
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Minor cleanup in core ControllersRoeland Jago Douma2016-08-291-3/+2
|
* Move the reset token to core appJoas Schilling2016-08-231-3/+3
|
* Fix othersJoas Schilling2016-07-211-2/+4
|
* Use the themed Defaults everywhereJoas Schilling2016-07-151-5/+3
|
* Update license headersLukas Reschke2016-05-261-2/+3
|
* Show error messages if a password reset link is invalid or expiredJulius Haertl2016-05-231-15/+35
| | | | | - Moved token validation to method checkPasswordResetToken - Render error with message from exceptions
* Rename files to be PSR-4 compliantLukas Reschke2016-04-061-0/+257
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 12:40:44 +0000