Commit graph

27 commits

Author SHA1 Message Date
Lukas Reschke
db4cb1dd4d Expire token after 12h and if user logged-in again
As an hardening measure we should expire password reset tokens after 12h and if the user has logged-in again successfully after the token was requested.
2015-08-22 20:42:45 +02:00
Jenkins for ownCloud
b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Lukas Reschke
283476a2f7 Use new IMailer and add unit-tests for lostcontroller 2015-03-16 12:47:05 +01:00
Lukas Reschke
13486a5ada Migrate to SwiftMail
Replaces the OC_Mail and phpmailer with SwiftMail allowing us to mock it properly.

Fixes the unit test execution on master on local machines and https://github.com/owncloud/core/issues/12014

Conflicts:
	3rdparty
	lib/private/server.php
	lib/public/iservercontainer.php
	tests/lib/mail.php
	tests/settings/controller/mailsettingscontrollertest.php

Conflicts:
	3rdparty
	lib/private/mail.php
	lib/private/server.php
	lib/public/iservercontainer.php
	settings/ajax/lostpassword.php
	settings/application.php
2015-03-16 12:47:05 +01:00
Morris Jobke
06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke
ba29ea178f Add unit tests for empty token 2015-02-01 17:34:03 +01:00
Lukas Reschke
35afb0d22e Default to null for lostpassword
We oC 8 we use the `StringUtils::equals` method which will also verify the type, since we don't anylonger hash the token twice this is required in case somebody is able to invoke this route with an empty `$token`.
2015-02-01 17:07:10 +01:00
Bjoern Schiessle
11ab457b72 add password as parameter to the signal so that the encryption can create a new key-pair 2014-11-17 17:50:19 +01:00
Lukas Reschke
357465eac9 Add "postPasswordReset" hook 2014-11-17 17:50:19 +01:00
Lukas Reschke
767b08c669 Use correct route instead
THX @schiesbn
(I should setup a mail server on my local system...)
2014-11-17 17:50:19 +01:00
Lukas Reschke
57b5c82eb7 Remove uneeded import 2014-11-17 17:50:19 +01:00
Lukas Reschke
1b50d4f7ce Warn for password reset when files_encryption is enabled
This patch wil warn the user of the consequences when resetting the password and requires checking a checkbox (as we had in the past) to reset a password.

Furthermore I updated the code to use our new classes and added some unit tests for it 👯

Fixes https://github.com/owncloud/core/issues/11438
2014-11-17 17:50:19 +01:00
Thomas Müller
a8b6cc6a07 - adding default value for $recoveryPassword
- set password correctly in lost password
2014-07-24 12:50:39 +02:00
Morris Jobke
dda5e6c85b add proper Exception message for invalid token 2014-06-13 16:18:58 +02:00
Morris Jobke
1cb7239cb7 use array_merge for merging arrays in PHP 2014-06-13 16:18:39 +02:00
Morris Jobke
ed8b7fc101 complete renaming uid to userId 2014-06-13 16:18:21 +02:00
Morris Jobke
a53cfcb9d1 Migrate ´ to ' 2014-06-13 16:02:41 +02:00
Morris Jobke
d0b71dffca reformat method call and fix paranthesis mismatch 2014-06-13 15:39:44 +02:00
Bernhard Posselt
2b2b1b487c more style fixes 2014-06-13 15:34:52 +02:00
Bernhard Posselt
a6e45a8d0e use more stuff from core :) 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
e026b1dc19 Add missing use 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
59ff71f781 Fix check for user existence 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
47c6fd0c85 Remove debug output 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
4b359ad20c Change routes. Update templates 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
218d0add36 Changes according to review 2014-06-13 15:34:52 +02:00
Victor Dubiniuk
a7fbd91e53 Use appframework 2014-06-13 15:34:52 +02:00