Arthur Schiwon
|
99182aac37
fix(Token): take over scope in token refresh with login by cookie
|
5 months ago |
Arthur Schiwon
|
6a783d9b08
fix(Session): avoid race conditions on clustered setups
|
5 months ago |
Arthur Schiwon
|
340939e688
fix(Session): avoid password confirmation on SSO
|
9 months ago |
Daniel
|
fca38e12c8
Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update
|
6 months ago |
Andy Scherzinger
|
dae7c159f7
chore: Add SPDX header
|
7 months ago |
Christoph Wurst
|
bcc02a3c71
fix(auth): Update authtoken activity selectively
|
7 months ago |
Christoph Wurst
|
fe7217d2d3
Merge pull request #45026 from nextcloud/fix/token-update
|
7 months ago |
Julius Härtl
|
04780ae30a
fix: Always set last activity if we update the row of an authtoken anyways
|
7 months ago |
Joas Schilling
|
bc4a102f52
fix(session): Avoid race condition for cache::get() vs. cache::hasKey()
|
7 months ago |
Côme Chilliet
|
ec5133b739
fix: Apply new coding standard to all files
|
8 months ago |
Benjamin Gaussorgues
|
d1189f923c
feat(perf): add cache for authtoken lookup
|
9 months ago |
Côme Chilliet
|
a526a382bf
Import OCP IToken as OCPIToken to avoid a name clash in lib/private
|
11 months ago |
Côme Chilliet
|
8fc39aeb1c
Use IToken from OCP instead of OC
|
11 months ago |
Joas Schilling
|
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
|
1 year ago |
Lucas Azevedo
|
fe9b9c1955
Add last-used-before option
|
1 year ago |
Côme Chilliet
|
b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls
|
1 year ago |
Christoph Wurst
|
5eb768ac5e
fix(auth): Run token statements in atomic transaction
|
1 year ago |
Côme Chilliet
|
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
|
1 year ago |
Ember 'n0emis' Keske
|
6881d2f2f1
Don't try to hash a nonexisting password
|
1 year ago |
Joas Schilling
|
6417ea0265
fix(authentication): Handle null or empty string password hash
|
1 year ago |
Joas Schilling
|
e47d56ac36
Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be
|
1 year ago |
Julius Härtl
|
580feecdbf
fix(authtoken): Store only one hash for authtokens with the current password per user
|
1 year ago |
Joas Schilling
|
7a85a1596e
fix(authentication): Check minimum length when creating app tokens
|
1 year ago |
Joas Schilling
|
03a585ab4f
fix(performance): Only search for auth tokens when the provided login is long enough
|
1 year ago |
Joas Schilling
|
2fb4dac7ad
fix(authentication): Update the token when the hash is null or can not be verified
|
1 year ago |
Joas Schilling
|
28b18d561c
fix(authentication): Only hash the new password when needed
|
1 year ago |
Joas Schilling
|
c5bb19641c
fix(authentication): Invert the logic to the original intention
|
1 year ago |
Joas Schilling
|
55d8aec759
fix(authentication): Only verify each hash once
|
1 year ago |
Julius Härtl
|
18164ae516
Merge pull request #33898 from nextcloud/fix/authtoken-password-update
|
1 year ago |
Joas Schilling
|
b4a29644cc
Add a const for the max user password length
|
1 year ago |