| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
| |
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
|
| |
|
|
|
|
|
|
|
| |
Excessively long emails reported make server unresponsive.
We could at some point, consider adding a configuration for sysadmins to bypass this setting
on their instance if they want.
Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
|
|
| |
Replace translated text in most locations
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
|
| |
|
|
| |
Signed-off-by: jld3103 <jld3103yt@gmail.com>
|
| |
|
|
|
|
| |
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
|
| |
|
|
| |
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
| |
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
|
| |
|
| |
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |
|
|
| |
Co-authored-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
Signed-off-by: NoSleep82 <52562874+NoSleep82@users.noreply.github.com>
|
| |
|
|
|
| |
i would be useful to know who is trying to reset the password (misspelled username or email, ex user or some sort of attack)
Signed-off-by: NoSleep82 <52562874+NoSleep82@users.noreply.github.com>
|
| |
|
|
| |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |
|
|
|
|
| |
These hooks are only used in the Encryption app from what I can see.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |
|
|
|
|
|
| |
- Typed properties
- Port to LoggerInterface
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
|
| |\
| |
| |
| |
| | |
nextcloud/fix/noid/guest-activation-pwd-reset-disabled
allow using of disabled password reset mechanism for special cases
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- LostController has three endpoints
- door opener email() still rejects
- resetform(), reachable from mail, checks the token first and may report
that password reset is disabled
- setPassword() got its check removed as it is behind CSFR anyway and still
requires a valid token
- this allows special cases like activating a freshly created guest account
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |/
|
|
|
|
| |
- also fixes the test which missed asserting the presence of it
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
| |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
|
|
|
| |
- to make it reusable
- needed for local email verification
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
| |
Signed-off-by: Gary Kim <gary@garykim.dev>
|
| |
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
|
|
|
|
|
|
|
| |
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
| |
Fix Argument 1 passed to OC\Security\Crypto::decrypt() must be of the type string, null given
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |\
| |
| | |
Add missing password reset page to vue
|
| | |
| |
| |
| | |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |/
|
|
|
|
|
|
|
|
| |
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.
The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
| |
There is no need to inform the user if the account existed or not.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| |
| |
| | |
danielkesselberg/bugfix/noid/allow-password-reset-for-duplicate-email
Enable password reset for user with same email address when only one is active
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When two or more user share the same email address its not possible to
reset password by email. Even when only one account is active.
This pr reduce list of users returned by getByEmail by disabled users.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |/
|
|
|
|
| |
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
