summaryrefslogtreecommitdiffstats
path: root/core/templates/loginflow
Commit message (Collapse)AuthorAgeFilesLines
* Fix loginflow with apptoken enter on iOSRoeland Jago Douma2019-01-041-3/+4
| | | | | | | It seems iOS doesn't like us to change the location. So now we submit it to the server that geneartes the redirect. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Remove redirect pageJohn Molakvoæ (skjnldsv)2018-11-292-35/+11
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Remove old button to submit the apppassword loginJohn Molakvoæ (skjnldsv)2018-11-281-8/+0
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Use numeric placeholders if there are multiple, so that RTL languages can ↵Joas Schilling2018-10-092-2/+2
| | | | | | operate better Signed-off-by: Joas Schilling <coding@schilljs.com>
* Improve login flowRoeland Jago Douma2018-04-082-5/+51
| | | | | | | * Add page explaining you are about to grant access * Show grant access page after login Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Theming: theme flow redirection pageJulius Härtl2017-11-081-1/+1
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Translate Grant AccessRoeland Jago Douma2017-11-011-2/+2
| | | | | | Fixes #7038 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Remove quotes around device nameMorris Jobke2017-08-141-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Highlight client identifier in auth grant pageMorris Jobke2017-08-141-1/+4
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add heading to account access pageJan-Christoph Borchardt2017-08-121-0/+1
| | | | Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
* remove 'Alternative login using app token' in case of oauth loginBjoern Schiessle2017-05-181-0/+2
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* Add basic implementation for OAuth 2.0 Authorization Code FlowLukas Reschke2017-05-182-1/+3
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix auth flow background color and redirect view layoutJan-Christoph Borchardt2017-04-251-1/+4
| | | | Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
* Correctly case the stateTokenRoeland Jago Douma2017-04-251-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add new auth flowLukas Reschke2017-04-252-0/+91
This implements the basics for the new app-password based authentication flow for our clients. The current implementation tries to keep it as simple as possible and works the following way: 1. Unauthenticated client opens `/index.php/login/flow` 2. User will be asked whether they want to grant access to the client 3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password. If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler. While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the near future we have to think about an automatic migration endpoint so there's that anyways :-) If the user chooses to use the regular login the following happens: 1. A session state token is written to the session 2. User is redirected to the login page 3. If successfully authenticated they will be redirected to a page redirecting to the POST controller 4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler. This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 19:01:07 +0000