daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 14:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,193 Commits 93 Branches 272 Tags
91d59af4dc3910c76cb5343ed2ff1379071a6a86
Commit Graph

14 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
301f42d2a0 aio-interface: preserve old PHPSESSID session during cookie migration to survive 502s on mastercontainer update 
Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/aadfe06c-fde4-4a01-953a-42abd110b416

fix: rename $oldSessionTime to $oldSessionTimestamp for clarity

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/aadfe06c-fde4-4a01-953a-42abd110b416
Co-Authored-By: szaimen <42591237+szaimen@users.noreply.github.com>
 2026-04-20 17:10:23 +02:00
copilot-swe-agent[bot]
e378f7faca aio-interface: preserve login session across container restarts after cookie name change 
The session cookie was recently renamed from `PHPSESSID` to
   `__Host-Http-PHPSESSID` (commit 3871179a). When watchtower updates the
   mastercontainer, the browser still holds the old `PHPSESSID` cookie, but the
   new code only looks for `__Host-Http-PHPSESSID`. The old cookie is ignored, a
   fresh unauthenticated session is created, and the user is logged out.

   Fix: before starting the new session in index.php, check if the old `PHPSESSID`
   cookie exists and carries an authenticated session. If it does, destroy the old
   session and mark the new one as authenticated via `SetAuthState(true)`.

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/cba0ea31-e257-4ec1-82ae-dd66f0f34d98

---

refactor: address review comments - use constant for session key and activity interval

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/cba0ea31-e257-4ec1-82ae-dd66f0f34d98
Co-Authored-By: szaimen <42591237+szaimen@users.noreply.github.com>
 2026-04-20 13:05:41 +02:00
Pablo Zmdl
f9e6339044 Regenerate session id on login to avoid session fixation attacks 
AI-assistant: Copilot v1.0.7 (Claude Opus 4.6)

Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>
 2026-03-31 23:54:56 +02:00
Simon L.
eba86c3ad1 add declare(strict_types=1); to all php files 
Signed-off-by: Simon L. <szaimen@e.mail.de>
 2026-02-03 13:25:53 +01:00
Pablo Zmdl
dd5d51cb2a Camelize property AIO_TOKEN => aioToken 
Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>
 2026-01-28 11:51:56 +01:00
Pablo Zmdl
4d8e959608 Make password an attribute 
Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>
 2026-01-28 11:43:36 +01:00
Pablo Zmdl
b2f992d955 Make AIO_TOKEN an attribute 
Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>
 2026-01-28 11:43:36 +01:00
Jean-Yves
496ec9ba17 update constructor 
Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com>
 2024-10-07 10:12:43 +02:00
Simon L.
3c91fa84e3 fix all places 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2024-05-14 11:30:55 +02:00
Simon L
66452b40ff add logging in case disk space is low and thus login might fail 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-06-25 01:00:18 +02:00
szaimen
3118ecf385 rework session deduplication 
Signed-off-by: szaimen <szaimen@e.mail.de>
 2022-10-16 18:12:50 +02:00
szaimen
f618460a9f increase to 7775 
Signed-off-by: szaimen <szaimen@e.mail.de>
 2022-05-24 19:07:33 +02:00
szaimen
f07413a182 remove the username for the aio interface 
Signed-off-by: szaimen <szaimen@e.mail.de>
 2021-12-07 18:01:20 +01:00
Nextcloud Team
2295a33590 Initial import 2021-11-30 11:20:42 +01:00