diff options
| author | blizzz <blizzz@arthur-schiwon.de> | 2017-02-15 21:47:47 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-02-15 21:47:47 +0100 |
| commit | 19fc68cbdca8b6e401c619c7b6b88836816ef6cb (patch) | |
| tree | 66abed71e726a27e6cd779f40574cf34f1e022e0 | |
| parent | 79a16bc2d3408b2240489b0ddd4e27c52c72884c (diff) | |
| parent | 9b6f99ab0824294f2491c3546f55788832634eff (diff) | |
| download | nextcloud-server-19fc68cbdca8b6e401c619c7b6b88836816ef6cb.tar.gz nextcloud-server-19fc68cbdca8b6e401c619c7b6b88836816ef6cb.zip | |
Merge pull request #2606 from temparus/master
Add preLoginValidation hook
| -rw-r--r-- | core/Controller/LoginController.php | 7 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 9 |
2 files changed, 13 insertions, 3 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 954a18e8778..abb1df4bcd4 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -1,8 +1,10 @@ <?php /** + * @copyright Copyright (c) 2017, Sandro Lutz <sandro.lutz@temparus.ch> * @copyright Copyright (c) 2016 Joas Schilling <coding@schilljs.com> * @copyright Copyright (c) 2016, ownCloud, Inc. * + * @author Sandro Lutz <sandro.lutz@temparus.ch> * @author Christoph Wurst <christoph@owncloud.com> * @author Joas Schilling <coding@schilljs.com> * @author Lukas Reschke <lukas@statuscode.ch> @@ -44,6 +46,7 @@ use OCP\IURLGenerator; use OCP\IUser; use OCP\IUserManager; use OCP\IUserSession; +use OC\Hooks\PublicEmitter; class LoginController extends Controller { /** @var IUserManager */ @@ -214,6 +217,10 @@ class LoginController extends Controller { return $this->generateRedirect($redirect_url); } + if ($this->userManager instanceof PublicEmitter) { + $this->userManager->emit('\OC\User', 'preLogin', array($user, $password)); + } + $originalUser = $user; // TODO: Add all the insane error handling /* @var $loginResult IUser */ diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 705ca95210a..c03cbd5891b 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -1,7 +1,9 @@ <?php /** + * @copyright Copyright (c) 2017, Sandro Lutz <sandro.lutz@temparus.ch> * @copyright Copyright (c) 2016, ownCloud, Inc. * + * @author Sandro Lutz <sandro.lutz@temparus.ch> * @author Arthur Schiwon <blizzz@arthur-schiwon.de> * @author Bernhard Posselt <dev@bernhard-posselt.com> * @author Christoph Wurst <christoph@owncloud.com> @@ -332,6 +334,10 @@ class Session implements IUserSession, Emitter { OC\Security\Bruteforce\Throttler $throttler) { $currentDelay = $throttler->sleepDelay($request->getRemoteAddress(), 'login'); + if ($this->manager instanceof PublicEmitter) { + $this->manager->emit('\OC\User', 'preLogin', array($user, $password)); + } + $isTokenPassword = $this->isTokenPassword($password); if (!$isTokenPassword && $this->isTokenAuthEnforced()) { throw new PasswordLoginForbiddenException(); @@ -476,7 +482,6 @@ class Session implements IUserSession, Emitter { * @throws LoginException if an app canceld the login process or the user is not enabled */ private function loginWithPassword($uid, $password) { - $this->manager->emit('\OC\User', 'preLogin', array($uid, $password)); $user = $this->manager->checkPassword($uid, $password); if ($user === false) { // Password check failed @@ -527,8 +532,6 @@ class Session implements IUserSession, Emitter { // Ignore and use empty string instead } - $this->manager->emit('\OC\User', 'preLogin', array($uid, $password)); - $user = $this->manager->get($uid); if (is_null($user)) { // user does not exist |