Commit graph

27 commits

Author SHA1 Message Date
Robin Appelman
8eda661761 Throw an exception when login is canceled by an app 2015-01-22 14:13:17 +01:00
Robin Appelman
857695ec87 Return false if the login is canceled in a hook 2015-01-13 13:25:20 +01:00
Morris Jobke
5d296aa6b1 Merge pull request #12969 from owncloud/clarify-docs
Clarify return values
2014-12-22 10:01:39 +01:00
Lukas Reschke
dbbf568192 Fix typo 2014-12-19 14:36:00 +01:00
Lukas Reschke
a022e65285 Clarify return values
This function returns `null` when no user is logged-in.
2014-12-19 14:17:40 +01:00
Lukas Reschke
e3230b5bc2 Add ultra-slim hack for incognito mode
As discussed at https://github.com/owncloud/core/pull/12912#issuecomment-67391155
2014-12-17 21:53:43 +01:00
Bernhard Posselt
236632702c add a isLoggedIn method to the usersession and deprecate the isLoggedIn method on the api 2014-12-17 17:40:52 +01:00
Morris Jobke
0d4f0ab871 reduce OC_Preferences, OC_Config and \OCP\Config usage
* files_encryption
* files_versions
* files_trashbin
* tests
* status.php
* core
* server container
2014-12-08 22:42:37 +01:00
Thomas Müller
5097d4dc05 remove deprecated \OC:$session 2014-11-26 15:32:47 +01:00
Lukas Reschke
770c62c5d8 Clear session after logout
Fixes https://github.com/owncloud/core/issues/8420
2014-10-30 12:10:39 +01:00
Robin Appelman
912fbfab01 Unset the cached active user when using a different session object 2014-10-13 13:11:48 +02:00
Lukas Reschke
63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Jörn Friedrich Dreyer
f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Thomas Müller
a72dae6842 Merge pull request #10144 from owncloud/issue/9972
Issue/9972 Fix issues with group and username `0`
2014-08-06 09:53:13 +02:00
Joas Schilling
4865c52aa6 Fix isLoggedIn() check for user '0'
Fix #9972
2014-08-04 15:53:55 +02:00
Robin Appelman
20c1ce7f47 Add public interfaces for User, UserManager and UserSession 2014-07-14 15:10:51 +02:00
Arthur Schiwon
748a219243 add preRememberedLogin hook and document this and postRememberedLogin in class descripttion. Also fixes documentation of postLogin hook 2014-05-26 13:53:26 +02:00
Arthur Schiwon
2c89962919 clean up tryRememberLogin and save the timestamp of users last login 2014-05-21 18:03:37 +02:00
Robin McCorkell
bac8962bbc Fix Scrutinizer errors 2014-05-13 19:08:14 +01:00
Lukas Reschke
f7fa8662e2 Remove session_id_regenerate from here
Jenkins somewhat complains that there are already sent headers.
2014-02-21 08:12:45 +01:00
Lukas Reschke
0241ddc759 Merge pull request #6519 from nhirokinet/master
Security Update: session fixation
2014-02-20 14:28:26 +01:00
Jörn Friedrich Dreyer
2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Thomas Müller
9b7c3a5c66 fixing PHPDoc and use cameCase names 2014-01-09 10:27:47 +01:00
NARUKAWA Hiroki
068688063e Security Update: session fixation
Previous version is vulnerable to session fixation attack in some situations, guessing non-apache-module-php5 environment. Regeneration of session id should be done here.
2013-12-20 03:38:51 +09:00
Arthur Schiwon
91d6a6dd7c On webdav sesssions, loginname was compared to username which does not need to match necessarily 2013-12-13 16:58:03 +01:00
Vincent Petry
013444813e Now removing stray old cookies from 5.0.12
Cookies from 5.0.12 seemed to have an extra slash in the path.
Firefox doesn't allow to remove them if the trailing slash isn't
there,
thus making it impossible to logout correctly.

This fix adds extra code to delete such stray cookies.

Ported from stable5 branch 99e5c6f7eb
2013-11-07 18:49:50 +01:00
Thomas Müller
9c9dc276b7 move the private namespace OC into lib/private - OCP will stay in lib/public
Conflicts:
	lib/private/vcategories.php
2013-09-30 16:36:59 +02:00
Renamed from lib/user/session.php (Browse further)