aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/User
Commit message (Collapse)AuthorAgeFilesLines
* Adjust token nameLukas Reschke2017-05-181-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* UserManager can now count disabled usersArthur Schiwon2017-04-291-0/+25
| | | | | | Users page takes advantage of that Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Use the new method in the old one to remove duplicate codeJoas Schilling2017-04-271-5/+11
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Trigger change when a user is enabled/disabledJoas Schilling2017-04-251-1/+49
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Use the correct Dummy and Backend classJoas Schilling2017-04-201-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Better validation of allowed user namesJoas Schilling2017-04-181-0/+43
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Save the scope of an auth token in the sessionRobin Appelman2017-04-051-29/+36
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Add tests for database user backend cachingVincent Petry2017-03-201-1/+18
| | | | | | | | Add comment, closeCursor in user DB query Invalidate user in cache after successful creation Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix testsJoas Schilling2017-01-051-1/+13
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Get user home folder before deletionVincent Petry2016-12-231-0/+32
| | | | | | | After the deletion getHome() will fail because the user doesn't exist any more, so we need to fetch that value earlier. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Improve OC\User\User coverageRoeland Jago Douma2016-12-201-49/+204
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set last-login-check on basic authRoeland Jago Douma2016-12-051-0/+101
| | | | | | | | | Else the last-login-check fails hard because the session value is not set and thus defaults to 0. * Started with tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* fix parameter orderChristoph Wurst2016-11-281-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* do not remember session tokens by defaultChristoph Wurst2016-11-271-3/+43
| | | | | | | | We have to respect the value of the remember-me checkbox. Due to an error in the source code the default value for the session token was to remember it. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add missing tests and fix PHPDocLukas Reschke2016-11-021-1/+44
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* inject ISecureRandom into user session and use injected config tooChristoph Wurst2016-11-021-49/+60
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* bring back remember-meChristoph Wurst2016-11-021-128/+161
| | | | | | | | | | * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Proper DI of configRoeland Jago Douma2016-10-282-26/+55
| | | | | | * Fixed comments Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* introduce callForSeenUsers and countSeenUsers (#26361)Jörn Friedrich Dreyer2016-10-281-1/+63
| | | | | | | | | | * introduce callForSeenUsers and countSeenUsers * add tests * oracle should support not null on clob * since 9.2.0
* Fix and cleanup SessionTestRoeland Jago Douma2016-10-251-43/+26
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix logClientIn for non-existing users (#26292)Vincent Petry2016-10-251-0/+26
| | | | | | | The check for two factor enforcement would return true for non-existing users. This fix makes it return false in order to be able to perform the regular login which will then fail and return false. This prevents throwing PasswordLoginForbidden for non-existing users.
* Add test to ensure token times are updatedRobin Appelman2016-10-111-24/+128
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* dont update the auth token twiceRobin Appelman2016-10-111-3/+0
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Only trigger postDelete hooks when the user was deleted...Joas Schilling2016-09-291-4/+5
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Make sure that comments, notifications and preferences are deletedJoas Schilling2016-09-291-11/+74
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix getMock UserRoeland Jago Douma2016-09-134-136/+146
|
* dont get bruteforce delay twiceRobin Appelman2016-08-291-6/+6
|
* Mitigate race conditionLukas Reschke2016-07-201-3/+18
|
* Implement brute force protectionLukas Reschke2016-07-201-11/+35
| | | | | | | | | Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)
* Fix failing tests after db splitRoeland Jago Douma2016-07-131-4/+4
|
* Merge remote-tracking branch 'upstream/master' into master-sync-upstreamLukas Reschke2016-07-011-1/+4
|\
| * Login hooks (#25260)Christoph Wurst2016-06-271-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | * fix login hooks * adjust user session tests * fix login return value of successful token logins * trigger preLogin hook earlier; extract method 'loginWithPassword' * call postLogin hook earlier; add PHPDoc
* | Merge remote-tracking branch 'upstream/master' into master-sync-upstreamLukas Reschke2016-06-271-0/+30
|\|
| * check login name when authenticating with client tokenChristoph Wurst2016-06-241-0/+30
| |
* | verify user password on changeBjoern Schiessle2016-06-271-1/+46
|/
* Merge pull request #25172 from owncloud/token-login-validationVincent Petry2016-06-221-80/+81
|\ | | | | Token login validation
| * fix unit test warning/errorsChristoph Wurst2016-06-201-15/+16
| |
| * fix user session testsChristoph Wurst2016-06-201-73/+73
| |
* | update session token password on user password changeChristoph Wurst2016-06-211-0/+65
| |
* | add PasswordLoginForbiddenExceptionChristoph Wurst2016-06-171-2/+8
|/
* create session token only for clients that support cookiesChristoph Wurst2016-06-131-3/+45
|
* When creating a session token, make sure it's the login password and not a ↵Christoph Wurst2016-06-081-24/+135
| | | | device token
* Create session tokens for apache auth usersChristoph Wurst2016-05-311-0/+38
|
* do not allow client password logins if token auth is enforced or 2FA is enabledChristoph Wurst2016-05-241-13/+71
|
* when generating browser/device token, save the login name for later password ↵Christoph Wurst2016-05-241-6/+13
| | | | checks
* invalidate user session if the user is disabledChristoph Wurst2016-05-231-0/+47
|
* Move tests/ to PSR-4 (#24731)Joas Schilling2016-05-207-0/+1695
* Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 12:25:08 +0000