It'll be nice to have "disable password confirm" option

[zorn-v]

I have app in which users does not know their passwords (nobody knows) - sociallogin. In that app user can be created with generated password.
But sometimes users need to change some options (like email for "forgot password" BTW). In my instance of nexcloud IT IS OK to not ask password for such things.
Why it is compulsorily ?

[MorrisJobke]

The social login app then needs to "fake disable" this behavior. As of now this is simply a server timestamp and the app then needs to fake this on every request so that the popup is never triggered because nextcloud thinks the login happened just now and doesn't ask for the password again. I would not allow an admin to disable this, but this needs to be done in the app itself.

Please report it in the repo of that app.

[zorn-v]

Please report it in the repo of that app.

I'm author, but thanks for idea.

[MorrisJobke]

I just noticed that for user_saml we disabled this in the server: #7487

cc @schiessle @rullzer @blizzz Should we add this for the social login as well?

[blizzz]

As commented there already, i don't like that the backend name is hard coded. We should introduce an interface for this, and than any backend can use it.

[zorn-v]

I implemented this option in personal settings in my app. But I think it should be in core.

[rullzer]

I agree with @blizzz here. Now that we have the fancy new interfaces we could actually check this.

[zorn-v]

Hardcoded check of hardcoded interfaces.
What I should do if I don't need implement that interface (example - sociallogin app) ?
I mean no need to implement user backend.

[rullzer]

@zorn-v we improved the user backend handling (see https://github.com/nextcloud/server/tree/master/lib/public/User/Backend)

Probably if we'd add a new interface here. Which doesn't have any functions to implement. But it can tell the server 'ok this backend doesn't support this' then we can take action accordingly.

[zorn-v]

Well, what should I do while using standard DB user manager and no need of confirmation ?
Is below line of code HARDER then you preffer ?
https://github.com/zorn-v/nextcloud-social-login/blob/master/lib/AppInfo/Application.php#L38

[rullzer]

Well that should work as well I guess... 🙈