Commit graph

176 commits

Author SHA1 Message Date
Lukas Reschke
72b5f9bfac
Use createMock instead of deprecated getMock 2016-08-11 15:22:29 +02:00
Lukas Reschke
9ca25e857c
Redirect users when already logged-in on login form 2016-08-11 15:22:29 +02:00
Thomas Pulzer
61a1d56d27 Renamed test classes for file logging tests. 2016-07-22 14:47:50 +02:00
Thomas Pulzer
ba3f4f118e Changed logtype to file instead of owncloud.
- Updated the config sample to point to log_type='file'
- Renamed the Class for logfile logging to File in namespace 'OC\Log\'.
  Changed the occurrences of 'OC\Log\Owncloud' to 'OC\Log\File'.
- Renamed the Class for log:file command to File in namespace 'OC\Core\Command\Log\File'.
  Changed registration of the command to use 'OC\Core\Command\Log\File'.
- Changed default Syslog tag to Nextcloud
- Retained backwards compatibility for configs with 'logtype' => 'owncloud'

- Adjusted tests for the new file log.

Closes #490.
2016-07-22 11:44:19 +02:00
Lukas Reschke
c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Joas Schilling
aaf2be4c3d
Use argument instead of value 2016-07-14 15:09:47 +02:00
Joas Schilling
4656b79c8e
FIx my email 2016-07-13 18:46:27 +02:00
Joas Schilling
dcacdde1ea
Add tests for set/get/delete/list 2016-07-13 18:43:57 +02:00
Joas Schilling
f574a9d44f
Make sure the exception is catched 2016-07-13 18:43:53 +02:00
Joas Schilling
01899b8cf1
Add tests for checkInput() 2016-07-13 18:43:50 +02:00
Morris Jobke
2791b8f00d Revert "occ web executor (#24957)"
This reverts commit 854352d9a0.
2016-07-07 12:14:45 +02:00
Thomas Pulzer
90b7f74da7 Changed name of default logfile from owncloud.log to nextcloud.log. 2016-07-04 11:50:32 +02:00
VicDeo
854352d9a0 occ web executor (#24957)
* Initial web executor

* Fix PHPDoc

Fix broken integration test

OccControllerTests do not require database access - moch them all!

Kill unused sprintf
2016-06-22 13:12:36 +02:00
Thomas Müller
232d735893
Do not leak the login name - fixes #25047 2016-06-09 16:44:31 +02:00
Vincent Petry
7dcc47dc94 Merge pull request #25011 from owncloud/issue-24745-allow-to-cancel-2fa
Allow to cancel 2FA after login
2016-06-08 10:27:21 +02:00
Joas Schilling
3e3b326c85
Allow to cancel 2FA after login 2016-06-07 18:17:29 +02:00
Christoph Wurst
8f7a4aaa4d
do not generate device token if 2FA is enable for user 2016-06-07 09:09:51 +02:00
Christoph Wurst
5e71d23ded
remember redirect_url when solving the 2FA challenge 2016-06-01 14:43:47 +02:00
Vincent Petry
7f20203006 Merge pull request #24836 from owncloud/auth-tests-to-psr4
Move parallel merged auth tests to PSR-4
2016-05-25 15:15:19 +02:00
Joas Schilling
8afbd80328
Move parallel merged auth tests to PSR-4 2016-05-25 12:02:05 +02:00
Vincent Petry
25e6026fa6 Merge pull request #24735 from juliushaertl/passwordreset-invalid
Show error messages if a password reset link is invalid or expired
2016-05-25 11:08:46 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Julius Haertl
d065980814 Add more tests for OC\Core\Controller\LostController
- remove testResetFormUnsuccessful as it is now splitted up in different test cases
- add testResetFormInvalidToken to check if timestamp and token are present
- add testResetFormInvalidTokenMatch to check if the saved token matches the provided
- add testResetFormExpiredToken to check if expiration detection works
- add testResetFormValidToken to check if detection of valid tokens works
2016-05-23 16:48:10 +02:00
Christoph Wurst
dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Joas Schilling
392bc0c6b9
Move tests/core/ to PSR-4 2016-05-19 11:18:25 +02:00