android
android copied to clipboard
nextcloud
Device trigger brute force protection when token is invalidated in the server
Steps to reproduce
- Connect to a nextcloud server
- In the nextcloud server, remove the token for the new android device
Expected behaviour
- The android device ask the user to log again
Actual behaviour
- The android device tries to reconnect and triggers brute-force protection
Environment data
Android version: unknow
Device model: unknow
Stock or customized system: I guess stock
Nextcloud app version: 3.18.0
Nextcloud server version: 20
Reverse proxy: unknow
@tobiasKaminsky did we fix this? I tested it today with app&server master and it seems to work properly (login screen shows up)
It seems like this was fixed at some point between 3.18.0 and 3.19.1, but I can't bisect to find the exact commit due to the snapshot dependencies in build.gradle.
@CarlSchwan Can you still reproduce this in current versions?
This bug report did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Apparently bruteforce protection is still triggered if account is disabled entirely
