diff options
| author | Joas Schilling <coding@schilljs.com> | 2021-04-15 13:02:59 +0200 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2021-04-22 15:28:43 +0200 |
| commit | 521bb30541277f6f5e6d939bf75328a9ce8322a9 (patch) | |
| tree | daef10ca4ce3724b16e87b9a253c75a2d72c874a | |
| parent | a011b7021ef7153acce6978a1c65db0a8c7ec32d (diff) | |
| download | nextcloud-server-521bb30541277f6f5e6d939bf75328a9ce8322a9.tar.gz nextcloud-server-521bb30541277f6f5e6d939bf75328a9ce8322a9.zip | |
Throw "401 Unauthenticated" when authentication is provided but invalid
E.g. with an AppToken that has been revoked
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | lib/private/User/Session.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index c33d79b83cf..5e6501f9045 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -599,6 +599,8 @@ class Session implements IUserSession, Emitter { return true; } + // If credentials were provided, they need to be valid, otherwise we do boom + throw new LoginException(); } catch (PasswordLoginForbiddenException $ex) { // Nothing to do } |