averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
40,592 Commits 712 Branches 1,186 Tags
00e341925bc134cbbadaf00a84381e72ed33dbf7
Commit Graph

23 Commits

Author SHA1 Message Date
Robin Appelman
4c3d18a9fc explicit types 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:24:29 +01:00
Robin Appelman
a4ea20a259 cast to int 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:24:29 +01:00
Robin Appelman
c5df58ec69 phpdoc 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:24:28 +01:00
Robin Appelman
7e9e5db496 fix setscope 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-11-16 15:24:28 +01:00
Robin Appelman
1afccde16a allow configuring filesystem access 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-11-16 15:24:27 +01:00
Robin Appelman
b4e27d35f5 app password scope wip 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-11-16 15:24:27 +01:00
Robin Appelman
2389e0f250 read lockdown scope from token 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-11-16 15:24:27 +01:00
Christoph Wurst
d907666232 bring back remember-me 
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-02 13:39:16 +01:00
Joas Schilling
ba87db3fcc Fix others 2016-07-21 18:13:57 +02:00
Christoph Wurst
0c0a216f42 store last check timestamp in token instead of session 2016-06-17 15:42:28 +02:00
Christoph Wurst
c58d8159d7 Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Lukas Reschke
aba539703c Update license headers 2016-05-26 19:57:24 +02:00
Christoph Wurst
ad10485cec when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Christoph Wurst
74277c25be add button to invalidate browser sessions/device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst
12431aa399 list user's auth tokens on the personal settings page 2016-05-23 09:11:12 +02:00
Christoph Wurst
98b465a8b9 a single token provider suffices 2016-05-18 09:20:48 +02:00
Christoph Wurst
46bdf6ea2b fix PHPDoc and other minor issues 2016-05-11 13:36:46 +02:00
Christoph Wurst
f0f8bdd495 PHPDoc and other minor fixes 2016-05-11 13:36:46 +02:00
Christoph Wurst
fdc2cd7554 Add token auth for OCS APIs 2016-05-11 13:36:46 +02:00
Christoph Wurst
8d48502187 Add index on 'last_activity' 
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
 2016-05-11 13:36:46 +02:00
Christoph Wurst
3ab922601a Check if session token is valid and log user out if the check fails 
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
 2016-05-11 13:36:46 +02:00
Christoph Wurst
2fa5e0a24e invalidate (delete) session token on logout 
add 'last_activity' column to session tokens and delete old ones via a background job
 2016-05-11 13:36:46 +02:00
Christoph Wurst
d8cde414bd token based auth 
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
 2016-05-11 13:36:46 +02:00