| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| | |
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
|
| | |\
| | |
| | | |
Trigger change when a user is enabled/disabled
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:
1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.
If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)
If the user chooses to use the regular login the following happens:
1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.
This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |/
|
|
|
|
|
| |
* load list of contacts from the server
* show last message of each contact
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |\
| |
| | |
Theming using SCSS variables
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Julius Haertl <jus@bitgrid.net>
Add Scss variables to example theme and theming app
Signed-off-by: Julius Haertl <jus@bitgrid.net>
Use SCSSCacher to build theming css
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Update theming.scss
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Code cleanup
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Inject SCSSCacher for easier testing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Fix typehint
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Generate absolute URLs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Fix tests to always use absolute urls for theming images
Signed-off-by: Julius Härtl <jus@bitgrid.net>
MailheaderColor -> ColorPrimary
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \
| | |
| | | |
Make apps settings tabular
|
| | |/
| |
| |
| | |
Signed-off-by: Felix A. Epp <work@felixepp.de>
|
| |\ \
| | |
| | | |
Fix sharing a password protected link
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The data storage (the "notebook") is shared between all the actors, so
the data can be stored and retrieved between different steps by any
actor in the same scenario.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |/
|/|
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |\ \
| | |
| | | |
Fix minor code style issues in acceptance test runner
|
| | |/
| |
| |
| | |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \
| |/
|/| |
Handle password expiry in user_ldap
|
| | |
| |
| |
| | |
Signed-off-by: Roger Szabo <roger.szabo@web.de>
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \
| | |
| | | |
Add basic acceptance test system
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As requested by Morris Jobke, the passwords in the acceptance tests were
modified to make them valid both for a clean Nextcloud server and one
with the password_policy app enabled.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
> No tests found in class "Test\Share\MailNotificationsTest".
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
See http://php.net/manual/en/function.restore-error-handler.php#120879
for more information.
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \ \
| | | |
| | | | |
Get proper accesslist for userFolder
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the accesslist is requested for a users root folder we should
properly construct the path
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \ \ \
| | | | |
| | | | | |
validate file name before uploading in upload only folder
|
| | | | | |
| | | | |
| | | | | |
Signed-off-by: Artur Neumann <info@individual-it.net>
|
| | |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* fixes #4383
* improves consistency
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | | |
nextcloud/adjust-old-bruteforce-protection-annotations
Adjust existing bruteforce protection code
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \ \ \
| | | | |
| | | | | |
Better validation of allowed user names
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Fix translations
|
