averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-29 12:24:50 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,164 Commits 1,008 Branches 1,229 Tags
stable33
Commit Graph

179 Commits

Author SHA1 Message Date
Côme Chilliet 23fe11b9af fix: Do not set last-password-confirm for apptoken sessions 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-06-16 14:28:41 +00:00
Côme Chilliet c0f5b569b9 fix: Use token expiration for ephemeral sessions 
This simplifies the code a lot.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-06-15 16:53:43 +02:00
Côme Chilliet 4ce151bfbb fix: Reduce the mixups between apptokens and session ids 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-04-21 18:20:19 +02:00
Joas Schilling 8b4491ae1c fix: Add translation for temporary app password names 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-01-12 11:58:45 +01:00
Joas Schilling f4acd8a7ab fix: Adjust and add new tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-01-12 11:07:44 +01:00
Joas Schilling 927bea2b4d fix(psalm): Satisfy psalm 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-01-09 19:07:07 +01:00
Joas Schilling 6b121c37da feat: Allow to create one-time app passwords that only allow loading an app-password 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-01-09 19:07:07 +01:00
Daniel Calviño Sánchez 4fcadd630b fix: Throw specific LoginException when the user is disabled 
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2025-07-10 15:09:25 +02:00
Ferdinand Thiessen 5981b7eb51 chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +02:00
Samuel Bizien Filippi a14cade3ac feat(core): add cookie_domain config option 
Signed-off-by: Samuel Bizien Filippi <samuel.bizien-filippi@finances.gouv.fr>
 2025-06-16 15:33:48 +02:00
Christoph Wurst 5003467f98 fix(session): Only mark sessions of permanent tokens as app passwords 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-04-03 10:08:15 +02:00
Cleopatra Enjeck M. 32e46a8b3a fix: use mb_strtolower to convert login name 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M. a6d6a1fa9e fix: Improve string comparison 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M. 6690a28cc0 fix: Use case insensitive check when validating login name 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
dependabot[bot] bb598c8451 chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer 
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2)

---
updated-dependencies:
- dependency-name: nextcloud/coding-standard
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-19 07:57:35 +02:00
Fabian Dreßler 1d6cce8a25 fix: update last_login timestamp for token based-logins 
fixes #31075 and maybe #32953

Signed-off-by: Fabian Dreßler <nudelsalat@clouz.de>
 2024-09-06 14:11:41 -04:00
Arthur Schiwon 6a783d9b08 fix(Session): avoid race conditions on clustered setups 
- re-stablishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-07-10 13:28:33 +02:00
John Molakvoæ cc7e6e5e4c Merge branch 'master' into refactor/OC-Server-getCsrfTokenManager 
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2024-05-30 14:29:21 +02:00
Daniel fca38e12c8 Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update 
fix(auth): Update authtoken activity selectively
 2024-05-29 12:05:45 +02:00
Andy Scherzinger dae7c159f7 chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-24 13:11:22 +02:00
Christoph Wurst bcc02a3c71 fix(auth): Update authtoken activity selectively 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-05-21 07:55:01 +02:00
Christoph Wurst 21ee7f59bd fix(session): Do not update authtoken last_check for passwordless 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-04-26 16:05:18 +02:00
Côme Chilliet ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +02:00
Julius Härtl e330efe5a0 fix: Implement option to temporarily set the user session 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-19 13:48:23 +01:00
Andrew Summers 0047789580 Refactor OC\Server::getTwoFactorAuthManager 
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
 2024-03-15 13:12:51 +01:00
Vincent Petry 839ddaa354 feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +01:00
Côme Chilliet b2e9e0fa0d chore: Replace OC::$server->getL10N by OCP\Util::getL10N in lib and some apps 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-05 11:16:04 +01:00
Christoph Wurst 7f2fdd8843 fix(auth): Fix logging in with email, password and login name mismatch 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-01-19 19:29:41 +01:00
Git'Fellow 72e0618f20 fix(session): Avoid two useless authtoken DB queries for every anonymous request 
Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-01-17 09:17:23 +01:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Julius Härtl a3a343ce41 perf: Use more performant way to obtain and check the email as a login name with token login 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-11-30 20:51:47 +01:00
Joas Schilling aa5f037af7 chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Patrick Fischer b2103556b5 Lower log level about invalid session token 2023-11-06 14:51:13 +01:00
Christoph Wurst 4f183bb604 fix(session): Log why session renewal failed 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-10-11 08:36:13 +02:00
Christoph Wurst f398d0b5a3 fix: Log critical session renewal and logout paths 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-10-09 13:21:10 +02:00
Christoph Wurst 83a30dfbdf fix(user): Log affected user of app token login name mismatch 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-10-06 08:51:50 +02:00
Andrew Summers 1470a7294b Refactor OC\Server::getCsrfTokenManager 
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
 2023-08-29 21:28:51 -05:00
Joas Schilling 25309bcb45 techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
Joas Schilling 3962cd0aa8 fix!: Move getEventDispatcher usage to IEventDispatcher 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-28 14:11:22 +02:00
Faraz Samapoor e7cc7653b8 Refactors "strpos" calls in lib/private to improve code readability. 
Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>
 2023-05-15 15:17:19 +03:30
Joas Schilling b91957e3df fix(dav): Abort requests with 429 instead of waiting 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-03 22:43:36 +02:00
Côme Chilliet 426c0341ff Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +02:00
Daniel Kesselberg f751d2d891 chore: use local variable for remote address 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2023-03-10 18:04:34 +01:00
Roeland Jago Douma 77df92cabf feat: add event for failed logins 
Apps might also like to know about failed logins.
This adds that event.
The private interface changes are backwards compatible so all should be fine.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2022-11-24 21:24:21 +01:00
Julius Härtl de3099b4d6 Remove potential mismatching dav session data during login 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-11-22 08:47:01 +01:00
Côme Chilliet c79a6b3f62 Fix errors from PHP 8.2 testing 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-11-14 17:08:21 +01:00
Christoph Wurst e2d3409a34 Fix unsuccessful token login logged as error 
The condition of a non-existent login token can happen for concurrent
requests. Admins can not do anything about this. So this is to be
expected to happen occasionally. This event is only bad if none of the
requests is able to re-acquire a session. Luckily this happens rarely.

If a login loop persists an admin can still lower the log level to find
this info. But a default error log level will no longer write those
infos about the failed cookie login of one request.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-11-07 15:08:48 +01:00
Robin Appelman 1fbb951691 dont try email login if the provider username is not a valid email 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-09-14 14:04:13 +02:00
Christoph Wurst 0184fbe86b Log if cookie login failed with token mismatch or session unavailability 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-08-31 14:55:51 +02:00
Carl Schwan 9ec0cb0a90 Fix psalm issues related to the user backend 
- Reflect the actual return value returned by the implementation in the
  the interface. E.g. IUser|bool -> IUser|false
- Remove $hasLoggedIn parameter from private countUser implementation.
  Replace the two call with the equivalent countSeenUser
- getBackend is nuallable, add this to the interface
- Use backend interface to make psalm happy about call to undefined
  methods. Also helps with getting rid at some point of the old
  implementActions

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-05-20 17:14:58 +02:00