nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-25 02:44:57 -05:00

Author	SHA1	Message	Date
Joas Schilling	e42235a3e4	fix(lostpassword): Also rate limit the setPassword endpoint Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-05-15 15:59:51 +02:00
Christopher Ng	c2d2ae3c59	Improve handling of profile fields Signed-off-by: Christopher Ng <chrng8@gmail.com> (cherry picked from commit `82bbcca720`)	2023-04-03 16:03:56 -07:00
Christoph Wurst	adb4507b2f	fix(client-login-flow): Handle missing stateToken gracefully Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-02-27 16:10:15 +00:00
MichaIng	78076c6d4a	Merge pull request #36828 from nextcloud/backport/36807/stable25 [stable25] Avoid getting null mimetype when getting reference preview	2023-02-26 22:46:26 +01:00
Julien Veyssier	5430044082	[reference preview] fix getting null mimetype if the cached reference lacks an image content type Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-02-23 10:17:13 +00:00
Simon L	bbbef1f1ad	Fix the login log entry Signed-off-by: Simon L <szaimen@e.mail.de>	2023-02-11 14:28:38 +01:00
Joas Schilling	6a3d986102	Add bruteforce protection to password reset page Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-02-07 07:39:12 +01:00
Christoph Wurst	197a2ea1f9	Fix login loop if login CSRF fails and user is not logged in If CSRF fails but the user is logged in that they probably logged in in another tab. This is fine. We can just redirect. If CSRF fails and the user is also not logged in then something is fishy. E.g. because Nextcloud contantly regenrates the session and the CSRF token and the user is stuck in an endless login loop. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-01-18 11:04:59 +00:00
John Molakvoæ	317c07f7c6	Merge pull request #35747 from nextcloud/backport/35562/stable25 [stable25] Read loginName from token	2023-01-06 08:56:47 +01:00
Joas Schilling	151723bb77	Also limit the password length on reset Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-01-04 08:59:05 +00:00
Varun Patil	64a1bcec1d	Fix type of PreviewController::$userId Can be null if not logged in; currently crashes Signed-off-by: Varun Patil <varunpatil@ucla.edu>	2022-12-19 09:26:33 +00:00
Daniel Kesselberg	a3cd174b44	Fix GH-33187 $this->userId is null when loggedin via app password. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2022-12-13 09:12:40 +00:00
Côme Chilliet	36d3ef1c7c	Add rate limiting on lost password emails Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-10-27 09:21:40 +00:00
Julius Härtl	2117736e34	Check share attributes on preview endpoints Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-10-26 13:20:46 +00:00
Julien Veyssier	53458967b3	fix reference preview endpoint when no server-side cache configured Signed-off-by: Julien Veyssier <eneiluj@posteo.net>	2022-10-18 17:56:35 +00:00
Joas Schilling	14a59c461b	Fix URLs on reference resolving The vue-richtext app currently sends leading spaces if they are in the text. Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-10-02 12:43:22 +00:00
Julius Härtl	4aeb701b87	Add cache header for image endpoint if link previews Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-09-28 18:29:45 +00:00
Julius Härtl	89f8179e64	Add endpoint to fetch a cachable reference data Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-09-27 09:58:13 +00:00
Carl Schwan	66a7a89898	Add api to load additional section in profile page Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-09-14 12:55:40 +02:00
Carl Schwan	bc9a488046	Update avatars on update Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-09-09 14:23:41 +02:00
Carl Schwan	76d0165330	Dark theme for guest avatar And better caching policy Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-09-09 13:37:51 +02:00
Carl Schwan	f98ae2b5b0	Avatar new style Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-09-09 13:37:51 +02:00
Christopher Ng	f44d2586b1	Remake profile picture saving with Vue Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-09-02 02:22:57 +00:00
Julius Härtl	1ab66988bc	Inject all dependnencies and increase cache timeout Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-31 18:02:57 +02:00
Julius Härtl	80f6a5834a	Refactor cache handling Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-31 16:24:35 +02:00
Julius Härtl	a392235e23	Cleanup Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-31 16:24:33 +02:00
Julius Härtl	0ce0d37ac1	Implement image caching Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-31 16:20:06 +02:00
Julius Härtl	de3e541fde	API for fetching reference metadata Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-31 16:20:05 +02:00
Joas Schilling	85eb3b2920	Fix wording of undeliverable push notifications Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-08-31 12:42:31 +02:00
Christopher Ng	9ba11ecefd	Improve handling of profile page Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-08-22 19:28:35 +00:00
NoSleep82	b03aedf128	Update core/Controller/LostController.php Co-authored-by: John Molakvoæ <skjnldsv@users.noreply.github.com> Signed-off-by: NoSleep82 <52562874+NoSleep82@users.noreply.github.com>	2022-08-21 13:16:23 +02:00
NoSleep82	61548c520b	Update LostController.php i would be useful to know who is trying to reset the password (misspelled username or email, ex user or some sort of attack) Signed-off-by: NoSleep82 <52562874+NoSleep82@users.noreply.github.com>	2022-08-19 18:30:32 +02:00
Carl Schwan	253118298d	Redesign guest pages for better accessibility - Use white box and put content on it - Improve focus indicator Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-27 10:43:21 +02:00
Christopher Ng	92500e810f	Identify the login page explicitly by the page title Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-07-20 23:55:50 +00:00
Thomas Citharel	abe5ff3654	Make LostController use IInitialState and LoggerInterface Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2022-06-10 16:41:41 +02:00
Thomas Citharel	44e13848a1	Add password reset typed events These hooks are only used in the Encryption app from what I can see. Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2022-06-10 16:41:41 +02:00
Christopher Ng	57c66bf7cb	Use Image class from public API Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-06-02 00:37:36 +00:00
Carl Schwan	b70c6a128f	Update core to PHP 7.4 standard - Typed properties - Port to LoggerInterface Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-05-20 22:18:06 +02:00
Joas Schilling	6084d691b0	Merge pull request #32375 from nextcloud/bugfix/noid/show-user-account-on-grant-loginflow-step Show user account on grant loginflow step	2022-05-16 11:18:22 +02:00
Joas Schilling	db1813f640	Show user account on grant loginflow step Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-05-13 10:50:30 +02:00
Thomas Citharel	232322fe06	Modernize contacts menu Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2022-05-12 18:31:59 +02:00
John Molakvoæ	3c6253f965	Remove old legacy SvgController and IconsCacher Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>	2022-05-10 23:24:07 +02:00
Joas Schilling	6e4d721278	Expose shareWithDisplayNameUnique also on autocomplete endpoint Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-05-03 12:51:23 +02:00
Vincent Petry	576e4e8f2a	Merge pull request #31592 from nextcloud/fix/direct-arg-flow-v2 Add direct arg to login flow	2022-03-29 18:21:40 +02:00
Vincent Petry	80388663af	Add direct arg to login flow Signed-off-by: Vincent Petry <vincent@nextcloud.com> Co-Authored-by: Carl Schwan <carl@carlschwan.eu>	2022-03-28 10:28:45 +02:00
Joas Schilling	5f75d2e104	Remove old shortening Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 21:42:29 +01:00
Joas Schilling	a0c7798c7d	Limit the length of app password names Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 10:47:56 +01:00
Christopher Ng	1fc0b4320c	Add global profile toggle config Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-03-18 02:55:12 +00:00
Carl Schwan	36721a8d0d	Fix caching of the user avatar Now on firefox/safari it is only refetched once a day. On Chrom{e,ium} we keep the previous behavior of maybe refetching it more often. This also notify the user about this behavior when they upload an avatar picture. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-02-25 14:24:07 +01:00
Carl Schwan	7dddbd0c35	Improve caching policy * Cache css with version in url. This makes most js and css requests to be cached by the browser * Force caching previews, the etag is in the url so that if the propfind gives a new etag, we will refresh it otherwise it's no use to try to fetch the new etag and do tons of DB queries Tested with firefox and 'debug' => false (important so that the js/css urls are generated with ?v= parameter) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-02-16 11:35:57 +01:00

1 2 3 4 5 ...

528 commits