| Commit message (Expand) | Author | Age | Files | Lines |
* | Update license headers | Morris Jobke | 2017-11-06 | 1 | -2/+5 |
* | Fix failing csp/nonce check due to timed out session | Christoph Wurst | 2017-09-04 | 1 | -5/+8 |
* | Add basic implementation for OAuth 2.0 Authorization Code Flow | Lukas Reschke | 2017-05-18 | 1 | -2/+2 |
* | Fix encryption + remembered login due to missing login hook | Christoph Wurst | 2017-05-16 | 1 | -1/+7 |
* | handle permissions errors when copying the skeleton for a read only user | Robin Appelman | 2017-05-05 | 1 | -2/+7 |
* | Improve PHPDoc | Morris Jobke | 2017-04-13 | 1 | -1/+1 |
* | use known LockdownManager | Arthur Schiwon | 2017-04-06 | 1 | -1/+1 |
* | Save correct login name | Arthur Schiwon | 2017-04-06 | 1 | -1/+8 |
* | don't regenerate Session ID twice, also fixes tests | Arthur Schiwon | 2017-04-06 | 1 | -4/+7 |
* | regenerate session id on successful login, fixes integration test | Arthur Schiwon | 2017-04-06 | 1 | -0/+4 |
* | do login routine only once when done via LoginController | Arthur Schiwon | 2017-04-06 | 1 | -43/+40 |
* | Save the scope of an auth token in the session | Robin Appelman | 2017-04-05 | 1 | -18/+27 |
* | Add postLogout hook to finish sessions from external session managers (#27048) | Felix Rupp | 2017-03-19 | 1 | -0/+3 |
* | Merge pull request #2606 from temparus/master | blizzz | 2017-02-15 | 1 | -3/+6 |
|\ |
|
| * | Update license header | Sandro Lutz | 2017-02-07 | 1 | -0/+2 |
| * | Merge remote-tracking branch 'nextcloud/master' | Sandro Lutz | 2017-02-07 | 1 | -3/+4 |
| |\ |
|
| * | | Add check if UserManager is of type PublicEmitter before calling preLogin hook | Sandro Lutz | 2017-02-01 | 1 | -1/+3 |
| * | | Change where preLogin hook gets called | Sandro Lutz | 2017-02-01 | 1 | -3/+2 |
* | | | Save the used token id in the session so it can be used later on | Joas Schilling | 2017-02-09 | 1 | -2/+20 |
| |/
|/| |
|
* | | add action to existing brute force protection | Bjoern Schiessle | 2017-01-18 | 1 | -3/+3 |
* | | Make sure the loginname is set when logging in via cookie | Joas Schilling | 2017-01-05 | 1 | -0/+1 |
|/ |
|
* | Set last-login-check on basic auth | Roeland Jago Douma | 2016-12-05 | 1 | -0/+5 |
* | do not remember session tokens by default | Christoph Wurst | 2016-11-27 | 1 | -1/+1 |
* | fix warning with token login | Robin Appelman | 2016-11-16 | 1 | -1/+1 |
* | read lockdown scope from token | Robin Appelman | 2016-11-16 | 1 | -2/+1 |
* | basic lockdown logic | Robin Appelman | 2016-11-16 | 1 | -0/+2 |
* | Introduce an event for first time login based on the last login time stamp | Thomas Müller | 2016-11-14 | 1 | -6/+19 |
* | inject ISecureRandom into user session and use injected config too | Christoph Wurst | 2016-11-02 | 1 | -11/+18 |
* | bring back remember-me | Christoph Wurst | 2016-11-02 | 1 | -19/+51 |
* | Fix logClientIn for non-existing users (#26292) | Vincent Petry | 2016-10-25 | 1 | -0/+3 |
* | dont update the auth token twice | Robin Appelman | 2016-10-11 | 1 | -2/+0 |
* | dont get bruteforce delay twice | Robin Appelman | 2016-08-29 | 1 | -2/+1 |
* | missing PHPDoc | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -0/+1 |
* | Type compatability | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -1/+1 |
* | Unreachable statement | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -4/+1 |
* | Update with robin | Joas Schilling | 2016-07-21 | 1 | -1/+1 |
* | Fix others | Joas Schilling | 2016-07-21 | 1 | -1/+2 |
* | Mitigate race condition | Lukas Reschke | 2016-07-20 | 1 | -1/+4 |
* | Implement brute force protection | Lukas Reschke | 2016-07-20 | 1 | -5/+18 |
* | Login hooks (#25260) | Christoph Wurst | 2016-06-27 | 1 | -40/+61 |
* | check login name when authenticating with client token | Christoph Wurst | 2016-06-24 | 1 | -2/+11 |
* | Merge pull request #25172 from owncloud/token-login-validation | Vincent Petry | 2016-06-22 | 1 | -67/+108 |
|\ |
|
| * | fix unit test warning/errors | Christoph Wurst | 2016-06-20 | 1 | -11/+9 |
| * | fix nitpick | Christoph Wurst | 2016-06-20 | 1 | -2/+3 |
| * | dont create a session token for clients, validate the app password instead | Christoph Wurst | 2016-06-17 | 1 | -8/+24 |
| * | store last check timestamp in token instead of session | Christoph Wurst | 2016-06-17 | 1 | -52/+92 |
| * | use token last_activity instead of session value | Christoph Wurst | 2016-06-17 | 1 | -16/+2 |
* | | update session token password on user password change | Christoph Wurst | 2016-06-21 | 1 | -0/+17 |
* | | add PasswordLoginForbiddenException | Christoph Wurst | 2016-06-17 | 1 | -17/+20 |
|/ |
|
* | create session token only for clients that support cookies | Christoph Wurst | 2016-06-13 | 1 | -2/+11 |