nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-06-20 05:59:40 -04:00

Author	SHA1	Message	Date
Enrique Pérez Arnaud	ac2f9816a6	feat(auth): support permanent OCM refresh tokens and bearer login Co-authored-by: Micke Nordin <kano@sunet.se> Signed-off-by: Micke Nordin <kano@sunet.se> Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>	2026-06-17 10:44:51 +02:00
Côme Chilliet	f7f9a47ceb	fix: Do not set last-password-confirm for apptoken sessions Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-06-16 11:59:13 +02:00
Côme Chilliet	802bce0a77	fix: Use token expiration for ephemeral sessions This simplifies the code a lot. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-06-15 15:28:38 +02:00
Louis	86c2b912bf	Merge pull request #50835 from nextcloud/updateLastSeen fix(session): Update `last_seen` when user session is validated	2026-06-11 11:38:03 +02:00
Côme Chilliet	1ab09ec753	chore: Apply new coding standard to all files The diff can be checked using: git diff --ignore-all-space --ignore-blank-lines To see only the changes not related to blank lines. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-06-01 13:46:39 +02:00
Ferdinand Thiessen	be2ac0bd86	Merge pull request #59932 from nextcloud/carl/copySkeleton refactor: Move copy skeleton step to a file listener	2026-04-29 23:15:38 +02:00
Ferdinand Thiessen	e0ba4d71b6	chore: add missing `Override` attribute to `OC` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2026-04-28 21:29:27 +02:00
Carl Schwan	bb4c55c125	refactor: Move copy skeleton step to a file listener Instead of having all user providers call OC_Util::copySkeleton Signed-off-by: Carl Schwan <carlschwan@kde.org>	2026-04-27 15:37:02 +02:00
Côme Chilliet	725f5bea3f	fix: Reduce the mixups between apptokens and session ids Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-04-21 09:44:42 +02:00
Git'Fellow	237f847a4d	fix(session): Update last seen when user session is validated Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>	2026-04-06 18:24:16 +02:00
Carl Schwan	7b6078875b	refactor: Run rector on lib/private Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>	2026-02-06 13:50:18 +01:00
Joas Schilling	8b4491ae1c	fix: Add translation for temporary app password names Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-12 11:58:45 +01:00
Joas Schilling	f4acd8a7ab	fix: Adjust and add new tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-12 11:07:44 +01:00
Joas Schilling	927bea2b4d	fix(psalm): Satisfy psalm Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-09 19:07:07 +01:00
Joas Schilling	6b121c37da	feat: Allow to create one-time app passwords that only allow loading an app-password Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-09 19:07:07 +01:00
Daniel Calviño Sánchez	4fcadd630b	fix: Throw specific LoginException when the user is disabled Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2025-07-10 15:09:25 +02:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Samuel Bizien Filippi	a14cade3ac	feat(core): add cookie_domain config option Signed-off-by: Samuel Bizien Filippi <samuel.bizien-filippi@finances.gouv.fr>	2025-06-16 15:33:48 +02:00
Christoph Wurst	5003467f98	fix(session): Only mark sessions of permanent tokens as app passwords Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2025-04-03 10:08:15 +02:00
Cleopatra Enjeck M.	32e46a8b3a	fix: use mb_strtolower to convert login name Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M.	a6d6a1fa9e	fix: Improve string comparison Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M.	6690a28cc0	fix: Use case insensitive check when validating login name Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>	2025-03-05 05:00:24 +00:00
dependabot[bot]	bb598c8451	chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/nextcloud/coding-standard/releases) - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: nextcloud/coding-standard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-19 07:57:35 +02:00
Fabian Dreßler	1d6cce8a25	fix: update last_login timestamp for token based-logins fixes #31075 and maybe #32953 Signed-off-by: Fabian Dreßler <nudelsalat@clouz.de>	2024-09-06 14:11:41 -04:00
Arthur Schiwon	6a783d9b08	fix(Session): avoid race conditions on clustered setups - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-10 13:28:33 +02:00
John Molakvoæ	cc7e6e5e4c	Merge branch 'master' into refactor/OC-Server-getCsrfTokenManager Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2024-05-30 14:29:21 +02:00
Daniel	fca38e12c8	Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update fix(auth): Update authtoken activity selectively	2024-05-29 12:05:45 +02:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +02:00
Christoph Wurst	bcc02a3c71	fix(auth): Update authtoken activity selectively Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-05-21 07:55:01 +02:00
Christoph Wurst	21ee7f59bd	fix(session): Do not update authtoken last_check for passwordless Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-04-26 16:05:18 +02:00
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-02 14:16:21 +02:00
Julius Härtl	e330efe5a0	fix: Implement option to temporarily set the user session Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-03-19 13:48:23 +01:00
Andrew Summers	0047789580	Refactor `OC\Server::getTwoFactorAuthManager` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2024-03-15 13:12:51 +01:00
Vincent Petry	839ddaa354	feat: rename users to account or person Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2024-02-13 21:06:30 +01:00
Côme Chilliet	b2e9e0fa0d	chore: Replace OC::$server->getL10N by OCP\Util::getL10N in lib and some apps Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-02-05 11:16:04 +01:00
Christoph Wurst	7f2fdd8843	fix(auth): Fix logging in with email, password and login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-01-19 19:29:41 +01:00
Git'Fellow	72e0618f20	fix(session): Avoid two useless authtoken DB queries for every anonymous request Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at> Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-01-17 09:17:23 +01:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Julius Härtl	a3a343ce41	perf: Use more performant way to obtain and check the email as a login name with token login Signed-off-by: Julius Härtl <jus@bitgrid.net>	2023-11-30 20:51:47 +01:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Patrick Fischer	b2103556b5	Lower log level about invalid session token	2023-11-06 14:51:13 +01:00
Christoph Wurst	4f183bb604	fix(session): Log why session renewal failed Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-10-11 08:36:13 +02:00
Christoph Wurst	f398d0b5a3	fix: Log critical session renewal and logout paths Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-10-09 13:21:10 +02:00
Christoph Wurst	83a30dfbdf	fix(user): Log affected user of app token login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-10-06 08:51:50 +02:00
Andrew Summers	1470a7294b	Refactor `OC\Server::getCsrfTokenManager` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2023-08-29 21:28:51 -05:00
Joas Schilling	25309bcb45	techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +02:00
Joas Schilling	3962cd0aa8	fix!: Move getEventDispatcher usage to IEventDispatcher Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-28 14:11:22 +02:00
Faraz Samapoor	e7cc7653b8	Refactors "strpos" calls in lib/private to improve code readability. Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>	2023-05-15 15:17:19 +03:30
Joas Schilling	b91957e3df	fix(dav): Abort requests with 429 instead of waiting Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-05-03 22:43:36 +02:00
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 12:50:08 +02:00

1 2 3 4

187 commits