Commit graph

80 commits

Author SHA1 Message Date
Roeland Jago Douma
b05fe45d52
Fix avatar on exif rotated images
Fixes #1928

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 21:37:11 +02:00
Lukas Reschke
015affb082
Missing returns + autoloader file
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 22:13:09 +02:00
Roeland Jago Douma
d5589a15d5
Move oc.js to a proper class
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-25 22:03:02 +02:00
Joas Schilling
656e3f7a24
Check the mimetype before reading the content and catch exception
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-18 16:22:20 +02:00
Joas Schilling
a1e4b17ff4
Remove unused endpoint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 10:21:08 +02:00
Joas Schilling
877cb06bfe
Use magic DI for core controllers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 10:00:26 +02:00
Joas Schilling
7c0951244a
Deprecate getEditionString() 2016-09-06 16:05:28 +02:00
Roeland Jago Douma
6740c627b8
Move AvatarController over to FileDisplayResponse 2016-09-05 15:11:45 +02:00
Lukas Reschke
06fa486706 Merge pull request #1158 from nextcloud/cache_avatars
Cache avatars
2016-09-05 15:08:43 +02:00
Christoph Wurst
8acb734854
add 2fa backup codes app
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00
Christoph Wurst
0a0c7a9b92 redirect to default app after solving the 2FA challenge 2016-08-30 11:10:45 +02:00
Roeland Jago Douma
14136295b7
Cache avatars properly
* Set proper caching headers for avatars (15 minutes)
* For our own avatar use some extra logic to invalidate when we update
2016-08-30 09:00:16 +02:00
Morris Jobke
e341bde8b9 Merge pull request #1172 from nextcloud/core_cleanup
Core controller cleanup
2016-08-30 08:32:55 +02:00
Roeland Jago Douma
b1a090f357
AvatarController use proper JSONResponse
* Do not rely on DataResponse magic. We want JSON so use JSON
* Fix tests
2016-08-29 21:52:14 +02:00
Roeland Jago Douma
f6423f74e3
Minor cleanup in core Controllers 2016-08-29 21:52:09 +02:00
Roeland Jago Douma
c0ed865ab2
UserController does not require Defaults 2016-08-29 21:14:50 +02:00
Christoph Wurst
291dd0bd31 redirect to 2fa provider if there's only one active for the user 2016-08-29 18:36:39 +02:00
Roeland Jago Douma
2f03853fb9
AvatarController cleanup
* Use all DI components
* Let the AppFramework resolve the AvatarController
* Update unit tests
* Unit tests no longer require DB
2016-08-25 21:39:14 +02:00
Joas Schilling
736e884e9a
Move the reset token to core app 2016-08-23 15:01:38 +02:00
Joas Schilling
139fb8de94
Remove "password reset token" after successful login 2016-08-23 12:54:45 +02:00
Roeland Jago Douma
0963397cb8
we are Nextcloud :) 2016-08-18 09:37:11 +02:00
Roeland Jago Douma
6bc1c6590c
Move /config over to Core OCSController 2016-08-18 09:37:09 +02:00
Roeland Jago Douma
0cb8f74cd1
Delete IE8 support in the avatar controller 2016-08-16 20:48:04 +02:00
Lukas Reschke
9ca25e857c
Redirect users when already logged-in on login form 2016-08-11 15:22:29 +02:00
Roeland Jago Douma
ba922c9f73 Merge pull request #807 from nextcloud/ocs_dataresponse
OCSController requires DataResponse
2016-08-10 22:36:25 +02:00
Roeland Jago Douma
9544c97ffe
Fix Core's OCSController response 2016-08-10 20:53:13 +02:00
Thomas Müller
4cf2f97a16
Add missing array element - fixes #25714 2016-08-10 11:11:23 +02:00
Roeland Jago Douma
69da896785
Move /cloud/user to Core app 2016-08-09 20:56:31 +02:00
Roeland Jago Douma
02449c8336
Move getCapabilities over to Core 2016-08-09 20:56:31 +02:00
Roeland Jago Douma
575875e8d0
Allow OCS routes in Core and Settings 2016-08-09 20:56:31 +02:00
Damjan Georgievski
4d559267bd SetupController should use \OC::$configDir too 2016-08-02 15:28:19 +02:00
Bjoern Schiessle
4ecd16c555
Redirect to default page after login 2016-07-27 12:11:58 +02:00
Joas Schilling
0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling
ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Lukas Reschke
c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Joas Schilling
2c988ecbf4
Use the themed Defaults everywhere 2016-07-15 09:17:30 +02:00
Morris Jobke
2791b8f00d Revert "occ web executor (#24957)"
This reverts commit 854352d9a0.
2016-07-07 12:14:45 +02:00
Lukas Reschke
7a9d60d87e
Merge remote-tracking branch 'upstream/master' into master-upstream-sync 2016-06-26 12:55:05 +02:00
VicDeo
854352d9a0 occ web executor (#24957)
* Initial web executor

* Fix PHPDoc

Fix broken integration test

OccControllerTests do not require database access - moch them all!

Kill unused sprintf
2016-06-22 13:12:36 +02:00
Arthur Schiwon
42c66efea5
Merge branch 'master' of https://github.com/owncloud/core into downstream-160611 2016-06-11 15:34:43 +02:00
Lukas Reschke
5fdde426eb
Add fancy layout 2016-06-09 17:55:26 +02:00
Thomas Müller
232d735893
Do not leak the login name - fixes #25047 2016-06-09 16:44:31 +02:00
Joas Schilling
7f88645eab
Allow to cancel 2FA after login 2016-06-09 14:00:02 +02:00
Christoph Wurst
60e15e934c
do not generate device token if 2FA is enable for user 2016-06-09 14:00:00 +02:00
Vincent Petry
7dcc47dc94 Merge pull request #25011 from owncloud/issue-24745-allow-to-cancel-2fa
Allow to cancel 2FA after login
2016-06-08 10:27:21 +02:00
Joas Schilling
3e3b326c85
Allow to cancel 2FA after login 2016-06-07 18:17:29 +02:00
Christoph Wurst
8f7a4aaa4d
do not generate device token if 2FA is enable for user 2016-06-07 09:09:51 +02:00
Christoph Wurst
5e71d23ded
remember redirect_url when solving the 2FA challenge 2016-06-01 14:43:47 +02:00
Vincent Petry
235f03da64 Merge pull request #24795 from owncloud/issue-24789-reset-password-link-new-window
Allow opening the password reset link in a new window when its a URL
2016-05-31 10:12:30 +02:00