nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-05-19 08:25:56 -04:00

Author	SHA1	Message	Date
Côme Chilliet	f444f83e2a	fix: Fix type for stable27 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-04-21 16:23:41 +02:00
Côme Chilliet	4ba417c11b	fix: Reduce the mixups between apptokens and session ids Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-04-21 15:41:47 +02:00
Christoph Wurst	57463df26a	fix(session): Only mark sessions of permanent tokens as app passwords Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2025-04-09 07:50:12 +02:00
Julius Härtl	04dd57635b	fix: Implement option to temporarily set the user session Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-09-10 08:41:32 +02:00
Arthur Schiwon	31e079520c	fix(Session): avoid race conditions on clustered setups - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-11 10:38:03 +02:00
Christoph Wurst	0cc692886b	fix(auth): Update authtoken activity selectively Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-06-03 22:53:01 +02:00
Christoph Wurst	8429993328	fix(session): Do not update authtoken last_check for passwordless Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-06-02 22:07:28 +02:00
yemkareems	f7e7761a43	fix: restored the file to what it is in master branch Signed-off-by: yemkareems <yemkareems@gmail.com>	2024-05-16 17:00:21 +02:00
yemkareems	0c0b816029	fix: delete user credentials stored in storages_credentials when user gets deleted Signed-off-by: yemkareems <yemkareems@gmail.com> [skip ci]	2024-05-16 17:00:21 +02:00
Josh	795353871d	fix(User\Manager): Avoid future collisions with updater/audit logs Avoid future collisions for not yet created updater and audit log files (at least using default names). Signed-off-by: Josh <josh.t.richards@gmail.com>	2024-05-06 14:30:44 +00:00
Christoph Wurst	fdfd620757	fix(auth): Fix logging in with email, password and login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-01-22 09:43:25 +00:00
Git'Fellow	27af03c92d	fix(session): Avoid two useless authtoken DB queries for every anonymous request Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at> Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-01-17 09:27:17 +00:00
Julius Härtl	9112904206	perf: Use more performant way to obtain and check the email as a login name with token login Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-01-09 11:56:45 +01:00
Arthur Schiwon	ef70f798b5	Merge pull request #41383 from nextcloud/backport/41302/stable27 [stable27] Lower log level about invalid session token	2023-11-15 22:41:09 +01:00
Patrick Fischer	b79f58933b	Lower log level about invalid session token	2023-11-10 15:59:14 +00:00
Christoph Wurst	3d58d18d1d	fix(session): Log why session renewal failed Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-11-02 10:25:56 +00:00
Christoph Wurst	d932622255	fix: Log critical session renewal and logout paths Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-10-10 09:47:07 +00:00
Christoph Wurst	b07007dac4	fix(user): Log affected user of app token login name mismatch Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-10-06 08:15:06 +00:00
Joas Schilling	7ffc89e7ff	fix(cache): Remove displayname cache entry on delete Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-28 16:18:59 +00:00
Joas Schilling	bbb9437116	fix(dav): Fix avatar size in system address book Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-05-26 10:28:59 +00:00
Christoph Wurst	1381c4c157	feat(users): Store and load a user's manager Co-Authored-By: hamza221 <hamzamahjoubi221@gmail.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-05-12 13:56:48 +02:00
Christopher Ng	4ecae83385	fix(user): Can change display name Signed-off-by: Christopher Ng <chrng8@gmail.com>	2023-05-04 11:14:49 -07:00
Joas Schilling	b91957e3df	fix(dav): Abort requests with 429 instead of waiting Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-05-03 22:43:36 +02:00
Côme Chilliet	346344c153	Update version number in since and deprecated annotations Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-27 12:04:32 +02:00
Côme Chilliet	3c2b126eba	Make code clearer and bump @ deprecated annotations Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-27 12:00:07 +02:00
Carl Schwan	a4c599c1c9	Split new method in a new group backend interface Better for backward compatibility, also move new interfaces to nc 26 Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2023-04-27 12:00:01 +02:00
Carl Schwan	35dc223500	Optimize retrieving display name when searching for users in a group This is recurrent scenario that we are searching for users and then for each users we fetch the displayName. This is inefficient, so instead try to do one query to fetch everything (e.g. Database backend) or use the already existing DisplayNameCache helper. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2023-04-27 11:57:45 +02:00
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 12:50:08 +02:00
Julius Härtl	c7c1133c15	Merge pull request #35561 from nextcloud/create-user-transaction	2023-03-15 15:13:50 +01:00
Arthur Schiwon	a30d7c51d3	Merge pull request #37227 from nextcloud/h1-dav-brute-force-protection chore: use local variable for remote address	2023-03-15 15:11:53 +01:00
Thomas Citharel	f7e65b1751	Create the database user in a transaction In OC\User\Manager::createUserFromBackend the newly created user is read using getUserObject($uid, $backend) but that can cause causal read issues (wrote in DB primary, not yet in secondary). In OC\User\Database user backend the user cache is unset after the insert, so it can't be used by getRealUID() (which is called by getUserObject()). To avoid that we make sure the user cache is repopulated in a transaction. Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2023-03-15 11:07:07 +00:00
Daniel Kesselberg	f751d2d891	chore: use local variable for remote address Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-03-10 18:04:34 +01:00
Julius Härtl	3287eddbbc	fix: Recalculate storage statistics on updating the quota Signed-off-by: Julius Härtl <jus@bitgrid.net>	2023-03-06 22:46:07 +00:00
Robin Appelman	853ec60f3e	also cache backend for user in memory instead of always going to redis Signed-off-by: Robin Appelman <robin@icewind.nl>	2023-02-10 12:25:23 +01:00
Côme Chilliet	5aed587e25	Fix setQuota on User on 32bits Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-02-07 11:23:30 +01:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +01:00
Simon L	7271ec7acf	spaces are allowed in userids Signed-off-by: Simon L <szaimen@e.mail.de>	2023-01-10 13:25:27 +01:00
Côme Chilliet	f6ff717b56	Merge pull request #34772 from nextcloud/fix/clean-ldap-access-factory-usage Make sure to use AccessFactory to create Access instances and use DI	2022-12-20 16:48:07 +01:00
Joas Schilling	256fbe9d77	Validate if the user part of a "cloud id" can even be a valid user id Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-12-09 22:40:46 +01:00
Roeland Jago Douma	77df92cabf	feat: add event for failed logins Apps might also like to know about failed logins. This adds that event. The private interface changes are backwards compatible so all should be fine. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2022-11-24 21:24:21 +01:00
Julius Härtl	de3099b4d6	Remove potential mismatching dav session data during login Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-11-22 08:47:01 +01:00
Côme Chilliet	341dda1de6	Merge branch 'master' into fix/clean-ldap-access-factory-usage Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>	2022-11-21 16:05:17 +01:00
Côme Chilliet	c79a6b3f62	Fix errors from PHP 8.2 testing Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-11-14 17:08:21 +01:00
Christoph Wurst	e2d3409a34	Fix unsuccessful token login logged as error The condition of a non-existent login token can happen for concurrent requests. Admins can not do anything about this. So this is to be expected to happen occasionally. This event is only bad if none of the requests is able to re-acquire a session. Luckily this happens rarely. If a login loop persists an admin can still lower the log level to find this info. But a default error log level will no longer write those infos about the failed cookie login of one request. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-11-07 15:08:48 +01:00
Côme Chilliet	556e3c84e6	Fix return type for countUsers method Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-10-25 10:20:09 +02:00
Arthur Schiwon	8e8acf2d90	LDAP to no register new users when outside of fair use or over limits Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2022-10-18 12:57:43 +02:00
Joas Schilling	144514e49e	Fix avatar cleanup on user delete Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-09-19 21:36:50 +02:00
Vincent Petry	25888a3d42	Merge pull request #34073 from nextcloud/login-email-filter dont try email login if the provider username is not a valid email	2022-09-16 14:54:24 +02:00
Maxence Lange	381eb046b5	Merge pull request #33793 from nextcloud/fix/noid/rtrim-cloud-id rtrim cloudId url earlier	2022-09-15 10:46:39 -01:00
Robin Appelman	1fbb951691	dont try email login if the provider username is not a valid email Signed-off-by: Robin Appelman <robin@icewind.nl>	2022-09-14 14:04:13 +02:00

1 2 3 4 5 ...

346 commits