Robin Appelman
8eda661761
Throw an exception when login is canceled by an app
2015-01-22 14:13:17 +01:00
Robin Appelman
857695ec87
Return false if the login is canceled in a hook
2015-01-13 13:25:20 +01:00
Morris Jobke
5d296aa6b1
Merge pull request #12969 from owncloud/clarify-docs
...
Clarify return values
2014-12-22 10:01:39 +01:00
Lukas Reschke
dbbf568192
Fix typo
2014-12-19 14:36:00 +01:00
Lukas Reschke
a022e65285
Clarify return values
...
This function returns `null` when no user is logged-in.
2014-12-19 14:17:40 +01:00
Lukas Reschke
e3230b5bc2
Add ultra-slim hack for incognito mode
...
As discussed at https://github.com/owncloud/core/pull/12912#issuecomment-67391155
2014-12-17 21:53:43 +01:00
Bernhard Posselt
236632702c
add a isLoggedIn method to the usersession and deprecate the isLoggedIn method on the api
2014-12-17 17:40:52 +01:00
Morris Jobke
0d4f0ab871
reduce OC_Preferences, OC_Config and \OCP\Config usage
...
* files_encryption
* files_versions
* files_trashbin
* tests
* status.php
* core
* server container
2014-12-08 22:42:37 +01:00
Thomas Müller
5097d4dc05
remove deprecated \OC:$session
2014-11-26 15:32:47 +01:00
Lukas Reschke
770c62c5d8
Clear session after logout
...
Fixes https://github.com/owncloud/core/issues/8420
2014-10-30 12:10:39 +01:00
Robin Appelman
912fbfab01
Unset the cached active user when using a different session object
2014-10-13 13:11:48 +02:00
Lukas Reschke
63a90a129b
Use proper RNG generator
...
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Jörn Friedrich Dreyer
f551917a3c
kill OC::$session
...
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession
restore order os OC::$session and OC::$CLI
remove unneded initialization of dummy session
write back session when $useCustomSession is true
log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Thomas Müller
a72dae6842
Merge pull request #10144 from owncloud/issue/9972
...
Issue/9972 Fix issues with group and username `0`
2014-08-06 09:53:13 +02:00
Joas Schilling
4865c52aa6
Fix isLoggedIn() check for user '0'
...
Fix #9972
2014-08-04 15:53:55 +02:00
Robin Appelman
20c1ce7f47
Add public interfaces for User, UserManager and UserSession
2014-07-14 15:10:51 +02:00
Arthur Schiwon
748a219243
add preRememberedLogin hook and document this and postRememberedLogin in class descripttion. Also fixes documentation of postLogin hook
2014-05-26 13:53:26 +02:00
Arthur Schiwon
2c89962919
clean up tryRememberLogin and save the timestamp of users last login
2014-05-21 18:03:37 +02:00
Robin McCorkell
bac8962bbc
Fix Scrutinizer errors
2014-05-13 19:08:14 +01:00
Lukas Reschke
f7fa8662e2
Remove session_id_regenerate
from here
...
Jenkins somewhat complains that there are already sent headers.
2014-02-21 08:12:45 +01:00
Lukas Reschke
0241ddc759
Merge pull request #6519 from nhirokinet/master
...
Security Update: session fixation
2014-02-20 14:28:26 +01:00
Jörn Friedrich Dreyer
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
Thomas Müller
9b7c3a5c66
fixing PHPDoc and use cameCase names
2014-01-09 10:27:47 +01:00
NARUKAWA Hiroki
068688063e
Security Update: session fixation
...
Previous version is vulnerable to session fixation attack in some situations, guessing non-apache-module-php5 environment. Regeneration of session id should be done here.
2013-12-20 03:38:51 +09:00
Arthur Schiwon
91d6a6dd7c
On webdav sesssions, loginname was compared to username which does not need to match necessarily
2013-12-13 16:58:03 +01:00
Vincent Petry
013444813e
Now removing stray old cookies from 5.0.12
...
Cookies from 5.0.12 seemed to have an extra slash in the path.
Firefox doesn't allow to remove them if the trailing slash isn't
there,
thus making it impossible to logout correctly.
This fix adds extra code to delete such stray cookies.
Ported from stable5 branch 99e5c6f7eb
2013-11-07 18:49:50 +01:00
Thomas Müller
9c9dc276b7
move the private namespace OC into lib/private - OCP will stay in lib/public
...
Conflicts:
lib/private/vcategories.php
2013-09-30 16:36:59 +02:00