| Commit message (Expand) | Author | Age | Files | Lines |
* | Add PHPdoc | Roeland Jago Douma | 2016-08-15 | 1 | -3/+5 |
* | missing PHPDoc | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -0/+1 |
* | Type compatability | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -1/+1 |
* | Method is deprecated | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -3/+3 |
* | Unreachable statement | Jörn Friedrich Dreyer | 2016-08-14 | 1 | -4/+1 |
* | Unnecessary fully qualified names | Jörn Friedrich Dreyer | 2016-08-14 | 4 | -17/+25 |
* | Apply password policy on user creation | michag86 | 2016-08-03 | 1 | -0/+2 |
* | Update with robin | Joas Schilling | 2016-07-21 | 5 | -5/+5 |
* | Fix others | Joas Schilling | 2016-07-21 | 7 | -13/+21 |
* | Mitigate race condition | Lukas Reschke | 2016-07-20 | 1 | -1/+4 |
* | Implement brute force protection | Lukas Reschke | 2016-07-20 | 1 | -5/+18 |
* | Merge remote-tracking branch 'upstream/master' into master-sync-upstream | Lukas Reschke | 2016-07-01 | 1 | -40/+61 |
|\ |
|
| * | Login hooks (#25260) | Christoph Wurst | 2016-06-27 | 1 | -40/+61 |
* | | Merge remote-tracking branch 'upstream/master' into master-sync-upstream | Lukas Reschke | 2016-06-27 | 1 | -2/+11 |
|\| |
|
| * | check login name when authenticating with client token | Christoph Wurst | 2016-06-24 | 1 | -2/+11 |
* | | verify user password on change | Bjoern Schiessle | 2016-06-27 | 1 | -2/+8 |
|/ |
|
* | Merge pull request #25172 from owncloud/token-login-validation | Vincent Petry | 2016-06-22 | 1 | -67/+108 |
|\ |
|
| * | fix unit test warning/errors | Christoph Wurst | 2016-06-20 | 1 | -11/+9 |
| * | fix nitpick | Christoph Wurst | 2016-06-20 | 1 | -2/+3 |
| * | dont create a session token for clients, validate the app password instead | Christoph Wurst | 2016-06-17 | 1 | -8/+24 |
| * | store last check timestamp in token instead of session | Christoph Wurst | 2016-06-17 | 1 | -52/+92 |
| * | use token last_activity instead of session value | Christoph Wurst | 2016-06-17 | 1 | -16/+2 |
* | | update session token password on user password change | Christoph Wurst | 2016-06-21 | 1 | -0/+17 |
* | | add PasswordLoginForbiddenException | Christoph Wurst | 2016-06-17 | 1 | -17/+20 |
|/ |
|
* | create session token only for clients that support cookies | Christoph Wurst | 2016-06-13 | 1 | -2/+11 |
* | create session token on all APIs | Christoph Wurst | 2016-06-13 | 1 | -2/+7 |
* | Merge pull request #25000 from owncloud/fix-email-login-dav | Vincent Petry | 2016-06-09 | 1 | -3/+14 |
|\ |
|
| * | Allow login by email address via webdav as well - fixes #24791 | Thomas Müller | 2016-06-09 | 1 | -3/+14 |
* | | catch sessionnotavailable exception if memory session is used | Christoph Wurst | 2016-06-08 | 1 | -5/+10 |
* | | When creating a session token, make sure it's the login password and not a de... | Christoph Wurst | 2016-06-08 | 1 | -5/+28 |
|/ |
|
* | Create session tokens for apache auth users | Christoph Wurst | 2016-05-31 | 1 | -4/+14 |
* | Update license headers | Lukas Reschke | 2016-05-26 | 5 | -30/+14 |
* | add default token auth config on install, upgrade and add it to sample config | Christoph Wurst | 2016-05-24 | 1 | -0/+3 |
* | do not allow client password logins if token auth is enforced or 2FA is enabled | Christoph Wurst | 2016-05-24 | 1 | -5/+65 |
* | when generating browser/device token, save the login name for later password ... | Christoph Wurst | 2016-05-24 | 1 | -3/+4 |
* | login explicitly | Christoph Wurst | 2016-05-24 | 1 | -9/+6 |
* | Merge pull request #24729 from owncloud/try-token-login-first | Vincent Petry | 2016-05-23 | 1 | -5/+13 |
|\ |
|
| * | try token login first | Christoph Wurst | 2016-05-20 | 1 | -5/+13 |
* | | Merge pull request #24658 from owncloud/invalidate-disabled-user-session | Vincent Petry | 2016-05-23 | 1 | -3/+4 |
|\ \ |
|
| * | | invalidate user session if the user is disabled | Christoph Wurst | 2016-05-23 | 1 | -3/+4 |
| |/ |
|
* / | Add two factor auth to core | Christoph Wurst | 2016-05-23 | 1 | -0/+1 |
|/ |
|
* | don't allow token login for disabled users | Christoph Wurst | 2016-05-18 | 1 | -0/+4 |
* | a single token provider suffices | Christoph Wurst | 2016-05-18 | 1 | -43/+22 |
* | use the UID for creating the session token, not the login name | Christoph Wurst | 2016-05-11 | 1 | -0/+1 |
* | delete the token in case an exception is thrown when decrypting the password | Christoph Wurst | 2016-05-11 | 1 | -4/+10 |
* | fix PHPDoc and other minor issues | Christoph Wurst | 2016-05-11 | 1 | -24/+21 |
* | catch possible SessionNotAvailableExceptions | Christoph Wurst | 2016-05-11 | 1 | -6/+23 |
* | PHPDoc and other minor fixes | Christoph Wurst | 2016-05-11 | 1 | -14/+21 |
* | pass in $request on OCS api | Christoph Wurst | 2016-05-11 | 1 | -0/+2 |
* | try apache auth too | Christoph Wurst | 2016-05-11 | 1 | -4/+3 |