nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Daniel Kesselberg	a53e15c971	fix: log requests exceeding the rate limiting Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-05-14 12:23:40 +07:00
Ferdinand Thiessen	db94e10af0	fix: Prevent breaking change in IQueryBuilder Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +07:00
Ferdinand Thiessen	e314d52118	fix: Adjust parameter type usage and add SQLite support Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Christoph Wurst	1ee833efab	refactor: Replace __CLASS__ with ::class references Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-09-15 21:40:55 +07:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +07:00
Christoph Wurst	e477bb7eaf	feat(appframework): Expose programmatic rate limiter Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-09-20 20:25:27 +07:00
Faraz Samapoor	e73757b4a5	Refactors lib/private/Security. Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>	2023-06-26 15:03:13 +07:00
Joas Schilling	454281af03	feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-04-03 09:06:45 +07:00
Côme Chilliet	71ee292650	Add rate limiting on lost password emails Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-10-18 14:49:02 +07:00
Joas Schilling	b59df35426	Make the DB query simpler (as we just deleted all other entries) Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-01-28 16:55:17 +07:00
Lukas Reschke	474a5b55d3	Implement review feedback Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-09-13 11:01:35 +07:00
Lukas Reschke	358eaba7dd	Apply suggestions from code review Signed-off-by: Lukas Reschke <lukas@statuscode.ch> Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>	2021-09-13 10:43:01 +07:00
Lukas Reschke	471167019c	Implement PR review feedback Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-09-07 18:03:34 +07:00
Lukas Reschke	a915372c56	phpcs Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-09-06 17:50:23 +07:00
Lukas Reschke	378cc922c4	Adjust logic to store period instead of current timestamp Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-09-06 17:31:36 +07:00
Lukas Reschke	d4f97affc1	Add database ratelimiting backend In case no distributed memory cache is specified this adds a database backend for ratelimit purposes. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-09-06 16:31:01 +07:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +07:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +07:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +07:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +07:00
Roeland Jago Douma	7927aebdeb	Fix report of phpstan in Limiter * unneeded arguments to constructor * added return types * let automatic DI do its work Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-19 19:38:43 +07:00
Roeland Jago Douma	cf0a339997	Make OC\Security\RateLimiting strict * Add return types * Add scalar argument types * Made strict * Cleaned up phpstorm inspections Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-14 21:08:23 +07:00
Morris Jobke	d2d73f1ce8	Also replace all other occurences Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-12-18 20:57:11 +07:00
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 16:56:19 +07:00
Lukas Reschke	e39e6d0605	Remove expired attempts Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-04-13 12:00:18 +07:00
Lukas Reschke	66835476b5	Add support for ratelimiting via annotations This allows adding rate limiting via annotations to controllers, as one example: ``` @UserRateThrottle(limit=5, period=100) @AnonRateThrottle(limit=1, period=100) ``` Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-04-13 12:00:16 +07:00

27 Commits (b9ab00a59e2d906fdb43eaaea37eb7a4a9cc8a13)