| Commit message (Expand) | Author | Age | Files | Lines |
* | AppAPI: allowed to bypass Two-Factor | Alexander Piskun | 2023-12-28 | 1 | -2/+2 |
* | chore: apply changes from Nextcloud coding standards 1.1.1 | Joas Schilling | 2023-11-23 | 22 | -92/+92 |
* | fix: Show error message when CSRF check fails at login | Christoph Wurst | 2023-11-08 | 1 | -0/+5 |
* | Allow passing null to PublicKeyToken::setScope, fixes tests | Côme Chilliet | 2023-10-23 | 1 | -2/+2 |
* | Improve docblock annotations for tokens and their exceptions | Côme Chilliet | 2023-10-23 | 3 | -2/+5 |
* | Use more precise typing for setScope method parameter | Côme Chilliet | 2023-10-23 | 1 | -2/+2 |
* | Make sure that OC interfaces returns OC interfaces for backward compatibility | Côme Chilliet | 2023-10-23 | 2 | -0/+26 |
* | Move Exceptions used in OCP to OCP | Côme Chilliet | 2023-10-23 | 3 | -33/+12 |
* | Align PublicKeyToken with interface changes | Côme Chilliet | 2023-10-23 | 1 | -10/+6 |
* | Move IToken and IProvider::getToken to OCP | Côme Chilliet | 2023-10-20 | 1 | -104/+2 |
* | fix(twofactor): avoid error in pgsql for duplicate entry | Benjamin Gaussorgues | 2023-10-06 | 1 | -20/+17 |
* | Fix typo | Lucas Azevedo | 2023-08-25 | 1 | -1/+1 |
* | Fixes from static analysis | Lucas Azevedo | 2023-08-25 | 1 | -3/+3 |
* | Add last-used-before option | Lucas Azevedo | 2023-08-25 | 4 | -0/+24 |
* | docs: remove superfluous phpdocs | Daniel Kesselberg | 2023-08-10 | 1 | -9/+1 |
* | fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager | Joas Schilling | 2023-07-27 | 1 | -14/+1 |
* | chore: Replace \OC::$server->query with \OCP\Server::get in /lib | Christoph Wurst | 2023-07-06 | 1 | -2/+2 |
* | Fix event names of 2FA related typed events | Joas Schilling | 2023-07-03 | 3 | -3/+13 |
* | Merge branch 'master' into enh/type-iconfig-getter-calls | Côme Chilliet | 2023-04-20 | 1 | -51/+55 |
|\ |
|
| * | fix(auth): Run token statements in atomic transaction | Christoph Wurst | 2023-04-12 | 1 | -51/+55 |
* | | Use typed version of IConfig::getSystemValue as much as possible | Côme Chilliet | 2023-04-05 | 2 | -6/+6 |
|/ |
|
* | Fix types for reading and writing config values | jld3103 | 2023-04-05 | 1 | -2/+2 |
* | Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthCli... | Côme Chilliet | 2023-03-15 | 1 | -1/+11 |
|\ |
|
| * | public interface to invalidate tokens of user | Artur Neumann | 2023-03-14 | 1 | -1/+11 |
* | | Don't try to hash a nonexisting password | Ember 'n0emis' Keske | 2023-03-13 | 1 | -1/+1 |
|/ |
|
* | fix(authentication): Handle null or empty string password hash | Joas Schilling | 2023-02-10 | 1 | -1/+1 |
* | Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-... | Joas Schilling | 2023-02-10 | 1 | -1/+30 |
|\ |
|
| * | fix(authentication): Check minimum length when creating app tokens | Joas Schilling | 2023-02-09 | 1 | -2/+10 |
| * | fix(performance): Only search for auth tokens when the provided login is long... | Joas Schilling | 2023-02-08 | 1 | -1/+22 |
* | | fix(authtoken): Store only one hash for authtokens with the current password ... | Julius Härtl | 2023-02-09 | 2 | -1/+50 |
|/ |
|
* | composer run cs:fix | Côme Chilliet | 2023-01-20 | 42 | -44/+0 |
* | Merge pull request #36001 from nextcloud/validate-user-tz | Vincent Petry | 2023-01-11 | 1 | -1/+5 |
|\ |
|
| * | Validate user timezone given from login data before saving it | Thomas Citharel | 2023-01-04 | 1 | -1/+5 |
* | | fix(authentication): Update the token when the hash is null or can not be ver... | Joas Schilling | 2023-01-09 | 1 | -4/+21 |
* | | fix(authentication): Only hash the new password when needed | Joas Schilling | 2023-01-09 | 1 | -2/+6 |
* | | fix(authentication): Invert the logic to the original intention | Joas Schilling | 2023-01-09 | 1 | -2/+3 |
* | | fix(authentication): Only verify each hash once | Joas Schilling | 2023-01-09 | 1 | -2/+4 |
* | | Merge pull request #33898 from nextcloud/fix/authtoken-password-update | Julius Härtl | 2023-01-05 | 2 | -4/+22 |
|\ \ |
|
| * | | PublickKeyTokenProvider: Fix password update routine with password hash | Marcel Klehr | 2023-01-04 | 2 | -4/+22 |
| |/ |
|
* / | Add a const for the max user password length | Joas Schilling | 2023-01-04 | 1 | -1/+2 |
|/ |
|
* | Do not setup a session when not required on WebDAV requests | Julius Härtl | 2022-12-21 | 1 | -1/+2 |
* | feat: add event for failed logins | Roeland Jago Douma | 2022-11-24 | 3 | -5/+13 |
* | Skip general login with email for non-valid addresses and LDAP | Julius Härtl | 2022-10-26 | 1 | -0/+12 |
* | Merge pull request #34554 from nextcloud/fix/psalm-twofactor-registry | Carl Schwan | 2022-10-18 | 2 | -4/+4 |
|\ |
|
| * | Fix the type of the return array in a few more places | Carl Schwan | 2022-10-18 | 2 | -4/+4 |
* | | Run session token renewals in a database transaction | Christoph Wurst | 2022-10-18 | 1 | -23/+32 |
* | | Merge pull request #31499 from nextcloud/bugfix/empty-secret | Carl Schwan | 2022-10-17 | 1 | -5/+24 |
|\ \
| |/
|/| |
|
| * | Mark method as deprecated | Carl Schwan | 2022-09-13 | 1 | -1/+1 |
| * | Rotate token after fallback | Julius Härtl | 2022-03-10 | 1 | -2/+8 |
| * | Add fallback routines for empty secret cases | Julius Härtl | 2022-03-10 | 1 | -3/+16 |