From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 20 Nov 2018 08:23:57 +0000 (+0100)
Subject: Bearer tokens are app token
X-Git-Tag: v14.0.4~4^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=adf1488e4ee46b8fd49aca7fbef7f72f3104f565;p=nextcloud-server.git

Bearer tokens are app token

Fixes #12498

This means that we set that it is a proper app token once it is
validated. This will allow the 2FA middleware to just run the same
check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 2c2244f06f7..54003dee00b 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -776,6 +776,10 @@ class Session implements IUserSession, Emitter {
 		if(!$this->validateToken($token)) {
 			return false;
 		}
+
+		// Set the session variable so we know this is an app password
+		$this->session->set('app_password', $token);
+
 		return true;
 	}