authorVincent Petry <pvince81@owncloud.com>2016-05-24 17:51:49 +0200
committerVincent Petry <pvince81@owncloud.com>2016-05-24 17:51:49 +0200
commitd3fb5d618ea5902c989c39d72fd6ac2e5bcb65ed (patch)
tree815818e3077c629a5b5fe8a63213e4867546d5b6 /core
parente8c37943081975b01f5dedc2284892a5335322f8 (diff)
parentad10485cec4377119aa14749e8e4aeda6e707f8e (diff)
Merge pull request #24748 from owncloud/login-explicitly
Log in explicitly, save login name when generating browser/device tokens
Diffstat (limited to 'core')
-rw-r--r--core/Controller/LoginController.php5
-rw-r--r--core/Controller/TokenController.php5
-rw-r--r--core/Controller/TwoFactorChallengeController.php6
3 files changed, 10 insertions, 6 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index ea857bb57df..853aa584d7f 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -190,7 +190,10 @@ class LoginController extends Controller {
$args = !is_null($user) ? ['user' => $user] : [];
return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
}
- $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $password);
+ // TODO: remove password checks from above and let the user session handle failures
+ // requires https://github.com/owncloud/core/pull/24616
+ $this->userSession->login($user, $password);
+ $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password);
if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
$this->twoFactorManager->prepareTwoFactorLogin($loginResult);
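Review bot: The result of `$this->userSession->login($user, $password)` is discarded, so a login that the session rejects still falls through to `createSessionToken` and the two-factor branch below it. The earlier password check probably makes a failure rare, but the two checks are separate calls and the TODO says the first one is meant to be removed, at which point nothing would stop the flow. Assuming `login()` reports failure through its return value, I would guard it with `if (!$this->userSession->login($user, $password)) { /* same redirect to core.login.showLoginForm as the failed-password branch */ }`. The method starts and ends outside this hunk, so any handling further down is not visible here.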
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 6606a3c8345..beb856e3a65 100644
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@@ -75,13 +75,14 @@ class TokenController extends Controller {
$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
return $response;
}
- if ($this->userManager->checkPassword($user, $password) === false) {
+ $loginResult = $this->userManager->checkPassword($user, $password);
+ if ($loginResult === false) {
$response = new Response();
$response->setStatus(Http::STATUS_UNAUTHORIZED);
return $response;
}
$token = $this->secureRandom->generate(128);
- $this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);
+ $this->tokenProvider->generateToken($token, $loginResult->getUID(), $user, $password, $name, IToken::PERMANENT_TOKEN);
return [
'token' => $token,
];
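Review bot: Nothing visible between the `$loginResult === false` check and `generateToken(...)` consults the account's two-factor state, so a permanent token appears to be issued on the password alone. The login controller in this same commit calls `$this->twoFactorManager->isTwoFactorAuthenticated($loginResult)` before treating the user as fully authenticated, and this endpoint should apply an equivalent check. That could mean answering with `Http::STATUS_UNAUTHORIZED` when a second factor is enabled for `$loginResult`. This would need the two-factor manager injected into the controller, and the constructor is outside the hunk. A short comment above `generateToken` stating that `$user` is the login name and `$loginResult->getUID()` the backend uid would also help, since the two are easy to swap.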
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index 73ccc731231..4f04e7b4c76 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -63,8 +63,8 @@ class TwoFactorChallengeController extends Controller {
}
/**
+ * @NoAdminRequired
* @NoCSRFRequired
- * @PublicPage
*
* @return TemplateResponse
*/
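Review bot: Replacing `@PublicPage` with `@NoAdminRequired` here, and in the two hunks that follow at -79 and -108, means these actions are only reachable with a logged-in session. That session is now created by the explicit `login()` call before the second factor is solved, so the annotations alone do not show what confines a session with a pending challenge to these routes. I would record it in each docblock, for example `* Reached with a session whose second factor is still pending; access to other routes must stay blocked until the challenge is solved.`, and confirm that the enforcing check exists outside this file. `@NoCSRFRequired` is kept on all three actions; if the last one is the handler that accepts the challenge response, it is worth confirming that skipping the CSRF check there is intended. The annotated methods themselves lie outside the hunks.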
@@ -79,8 +79,8 @@ class TwoFactorChallengeController extends Controller {
}
/**
+ * @NoAdminRequired
* @NoCSRFRequired
- * @PublicPage
* @UseSession
*
* @param string $challengeProviderId
@@ -108,8 +108,8 @@ class TwoFactorChallengeController extends Controller {
}
/**
+ * @NoAdminRequired
* @NoCSRFRequired
- * @PublicPage
* @UseSession
*
* @param string $challengeProviderId