-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ask for authentication before removing 'Device & Sessions' #39390
Comments
To implement this I believe changes are required in two spots: Add a server/apps/settings/src/store/authtoken.ts Lines 104 to 110 in 7395211
It can be modeled after the one used for server/apps/settings/src/store/authtoken.ts Lines 126 to 137 in 7395211
And in the controller the server/apps/settings/lib/Controller/AuthSettingsController.php Lines 171 to 178 in 7395211
Similar to here: server/apps/settings/lib/Controller/AuthSettingsController.php Lines 278 to 288 in 7395211
It might be a good idea to add it to the |
I'd like to work on this issue if possible |
Describe the solution you'd like
As user
I want to make sure that when I remove a device or session from my NextCloud account I'm prompted to authenticate with my password
So that if my account is compromised no one can remove access without the original password
Additional context
I think this feature could help prevent users that leave their account open in a shared device from other users de-authenticating them from their devices and therefore loosing access.
The text was updated successfully, but these errors were encountered: