Add token auth for OCS APIs

2 files changed, 7 insertions, 3 deletions

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e13d8ae10d2..7afed6b274a 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -172,7 +172,7 @@ class LoginController extends Controller {
 		if ($this->userManager->checkPassword($user, $password) === false) {
 			return new RedirectResponse($this->urlGenerator->linkToRoute('login#showLoginForm'));
 		}
-		$this->userSession->createSessionToken($user, $password);
+		$this->userSession->createSessionToken($this->request, $user, $password);
 		if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
 			$location = OC::$server->getURLGenerator()->getAbsoluteURL(urldecode($redirect_url));
 			// Deny the redirect if the URL contains a @
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 8a25ad9bb98..d1d7b50d084 100644
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@@ -68,10 +68,14 @@ class TokenController extends Controller {
 	 */
 	public function generateToken($user, $password, $name = 'unknown client') {
 		if (is_null($user) || is_null($password)) {
-			return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY);
+			$response = new Response([]);
+			$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
+			return $response;
 		}
 		if ($this->userManager->checkPassword($user, $password) === false) {
-			return new Response([], Http::STATUS_UNAUTHORIZED);
+			$response = new Response([]);
+			$response->setStatus(Http::STATUS_UNAUTHORIZED);
+			return $response;
 		}
 		$token = $this->secureRandom->generate(128);
 		$this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);