fixes the throttler not checking the user state on postLogin

a listener to the post login events can still reject a login, so that a
user is not necessarily available at the time.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

diff --git a/lib/base.php b/lib/base.php
index 4c96e3470cd266b20618a2ceda9ba55504b186b5..6dc5948d53c5462c7ca7c50f96ec16b741d8007c 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -812,7 +812,7 @@ class OC {
                        // NOTE: This will be replaced to use OCP
                        $userSession = self::$server->getUserSession();
                        $userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
-                               if (!defined('PHPUNIT_RUN')) {
+                               if (!defined('PHPUNIT_RUN') && $userSession->isLoggedIn()) {
                                        // reset brute force delay for this IP address and username
                                        $uid = \OC::$server->getUserSession()->getUser()->getUID();
                                        $request = \OC::$server->getRequest();