From 4128b853e559935794e181439faa01dd5f884e36 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Fri, 20 May 2016 17:54:46 +0200 Subject: [PATCH] login explicitly --- core/Controller/LoginController.php | 3 +++ lib/private/Setup.php | 1 + lib/private/User/Session.php | 15 ++++++--------- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index ea857bb57d..6471d8d5d6 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -190,6 +190,9 @@ class LoginController extends Controller { $args = !is_null($user) ? ['user' => $user] : []; return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args)); } + // TODO: remove password checks from above and let the user session handle failures + // requires https://github.com/owncloud/core/pull/24616 + $this->userSession->login($user, $password); $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $password); if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) { diff --git a/lib/private/Setup.php b/lib/private/Setup.php index d60c4663fb..59257d1084 100644 --- a/lib/private/Setup.php +++ b/lib/private/Setup.php @@ -371,6 +371,7 @@ class Setup { $userSession = \OC::$server->getUserSession(); $defaultTokenProvider = \OC::$server->query('OC\Authentication\Token\DefaultTokenProvider'); $userSession->setTokenProvider($defaultTokenProvider); + $userSession->login($username, $password); $userSession->createSessionToken($request, $username, $password); //guess what this does diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index ddd86a56ab..d01e51163b 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -397,16 +397,13 @@ class Session implements IUserSession, Emitter { return false; } $name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser'; - $loggedIn = $this->login($uid, $password); - if ($loggedIn) { - try { - $sessionId = $this->session->getId(); - $this->tokenProvider->generateToken($sessionId, $uid, $password, $name); - } catch (SessionNotAvailableException $ex) { - - } + try { + $sessionId = $this->session->getId(); + $this->tokenProvider->generateToken($sessionId, $uid, $password, $name); + } catch (SessionNotAvailableException $ex) { + } - return $loggedIn; + return true; } /**