diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-03-10 15:28:01 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-03-10 15:52:01 +0100 |
| commit | 50ccf7e2cff8dfe6345d32e5c3b69a544eef52ea (patch) | |
| tree | e60edf9c4573e5439f4a8abd5299dc7f2e76688e /core/Command/User | |
| parent | a6882deebc0b4ab3bc181f97e5adb35f1bb4fcd0 (diff) | |
| download | nextcloud-server-50ccf7e2cff8dfe6345d32e5c3b69a544eef52ea.tar.gz nextcloud-server-50ccf7e2cff8dfe6345d32e5c3b69a544eef52ea.zip | |
Validate the password before generating an apptoken
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'core/Command/User')
| -rw-r--r-- | core/Command/User/AddAppPassword.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/core/Command/User/AddAppPassword.php b/core/Command/User/AddAppPassword.php index 34c8dc67ccc..4f636c406fb 100644 --- a/core/Command/User/AddAppPassword.php +++ b/core/Command/User/AddAppPassword.php @@ -109,8 +109,10 @@ class AddAppPassword extends Command { return 1; } - $output->writeln('<info>The password is not validated so what you provide is what gets recorded in the token</info>'); - + if (!$this->userManager->checkPassword($user->getUID(), $password)) { + $output->writeln('<error>The provided password is invalid</error>'); + return 1; + } $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); $generatedToken = $this->tokenProvider->generateToken( |