Skip to content

Clean pending 2FA authentication on password reset #13869

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rullzer merged 1 commit into from
Jan 29, 2019
Merged

Clean pending 2FA authentication on password reset #13869

rullzer merged 1 commit into from
Jan 29, 2019

Conversation

@rullzer
Copy link
Member

@rullzer rullzer commented Jan 28, 2019

When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.

The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).

Signed-off-by: Roeland Jago Douma [email protected]

@rullzer rullzer added enhancement 3. to review Waiting for reviews labels Jan 28, 2019
@rullzer rullzer added this to the Nextcloud 16 milestone Jan 28, 2019
ChristophWurst
ChristophWurst approved these changes Jan 28, 2019
View reviewed changes
Copy link
Member

@ChristophWurst ChristophWurst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense!

blizzz
blizzz approved these changes Jan 28, 2019
View reviewed changes
Copy link
Member

@blizzz blizzz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense

@rullzer
Copy link
Member Author

rullzer commented Jan 28, 2019

/backport to stable15

@rullzer
Copy link
Member Author

rullzer commented Jan 28, 2019

/backport to stable14

@rullzer
Copy link
Member Author

rullzer commented Jan 28, 2019

/backport to stable13

@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jan 28, 2019
@MorrisJobke
Copy link
Member

MorrisJobke commented Jan 28, 2019

Quite some CI failures in the LostController

@MorrisJobke MorrisJobke added 2. developing Work in progress and removed 4. to release Ready to be released and/or waiting for tests to finish labels Jan 28, 2019
@rullzer rullzer force-pushed the enh/clean_pending_2fa_session_on_password_change branch from 2e77a05 to a4648c6 Compare January 29, 2019 10:04
@rullzer
Clean pending 2FA authentication on password reset
ac8a6e2 
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.

The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).

Signed-off-by: Roeland Jago Douma <[email protected]>
@rullzer rullzer force-pushed the enh/clean_pending_2fa_session_on_password_change branch from a4648c6 to ac8a6e2 Compare January 29, 2019 12:09
@rullzer rullzer added 4. to release Ready to be released and/or waiting for tests to finish and removed 2. developing Work in progress labels Jan 29, 2019
@rullzer rullzer merged commit deb7d23 into master Jan 29, 2019
@rullzer rullzer deleted the enh/clean_pending_2fa_session_on_password_change branch January 29, 2019 18:50
@backportbot-nextcloud
Copy link

backportbot-nextcloud bot commented Jan 29, 2019

The backport to stable15 failed. Please do this backport manually.

@backportbot-nextcloud
Copy link

backportbot-nextcloud bot commented Jan 29, 2019

The backport to stable14 failed. Please do this backport manually.

@backportbot-nextcloud
Copy link

backportbot-nextcloud bot commented Jan 29, 2019

The backport to stable13 failed. Please do this backport manually.

@rullzer rullzer mentioned this pull request Jan 30, 2019
Merged
This was referenced Jan 30, 2019
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

@blizzz blizzz blizzz approved these changes

@nickvergessen nickvergessen Awaiting requested review from nickvergessen nickvergessen is a code owner

Assignees

No one assigned

Labels

4. to release Ready to be released and/or waiting for tests to finish enhancement

Projects

None yet

Milestone

Nextcloud 16

Development

Successfully merging this pull request may close these issues.

5 participants

@rullzer @MorrisJobke @ChristophWurst @blizzz