diff options
| author | Christoph Wurst <christoph@owncloud.com> | 2016-05-24 16:18:27 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@owncloud.com> | 2016-05-24 18:02:52 +0200 |
| commit | a922957f768b61dcd12fa166488c5a9017b57428 (patch) | |
| tree | d7f0e4d03948417986dcd97a2902e39f72332034 | |
| parent | 28ce7dd262fbf748c46b915b67ac6c332fed8420 (diff) | |
| download | nextcloud-server-a922957f768b61dcd12fa166488c5a9017b57428.tar.gz nextcloud-server-a922957f768b61dcd12fa166488c5a9017b57428.zip | |
add default token auth config on install, upgrade and add it to sample config
| -rw-r--r-- | config/config.sample.php | 7 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 3 |
2 files changed, 10 insertions, 0 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 2a368965fba..ffdce5cc2d5 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -195,6 +195,13 @@ $CONFIG = array( 'session_keepalive' => true, /** + * Enforce token authentication for clients, which blocks requests using the user + * password for enhanced security. Users need to generate tokens in personal settings + * which can be used as passwords on their clients. + */ +'token_auth_enforced' => false, + +/** * The directory where the skeleton files are located. These files will be * copied to the data directory of new users. Leave empty to not copy any * skeleton files. diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index cd867dace76..c77cfedba4c 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -368,6 +368,9 @@ class Session implements IUserSession, Emitter { array('uid' => &$username) ); $user = $this->manager->get($username); + if (is_null($user)) { + return true; + } // DI not possible due to cyclic dependencies :'-/ return OC::$server->getTwoFactorAuthManager()->isTwoFactorAuthenticated($user); } |