diff options
author | Christoph Wurst <christoph@owncloud.com> | 2016-04-27 09:38:30 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-05-11 13:36:46 +0200 |
commit | fdc2cd755477220c027e026aa70594af87427bed (patch) | |
tree | 74fccc3156ed16b44e48189616a8019012f07703 /core | |
parent | 8d4850218740b74faae5af637d1b1c2b3dee3c41 (diff) | |
download | nextcloud-server-fdc2cd755477220c027e026aa70594af87427bed.tar.gz nextcloud-server-fdc2cd755477220c027e026aa70594af87427bed.zip |
Add token auth for OCS APIs
Diffstat (limited to 'core')
-rw-r--r-- | core/Controller/LoginController.php | 2 | ||||
-rw-r--r-- | core/Controller/TokenController.php | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index e13d8ae10d2..7afed6b274a 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -172,7 +172,7 @@ class LoginController extends Controller { if ($this->userManager->checkPassword($user, $password) === false) { return new RedirectResponse($this->urlGenerator->linkToRoute('login#showLoginForm')); } - $this->userSession->createSessionToken($user, $password); + $this->userSession->createSessionToken($this->request, $user, $password); if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) { $location = OC::$server->getURLGenerator()->getAbsoluteURL(urldecode($redirect_url)); // Deny the redirect if the URL contains a @ diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php index 8a25ad9bb98..d1d7b50d084 100644 --- a/core/Controller/TokenController.php +++ b/core/Controller/TokenController.php @@ -68,10 +68,14 @@ class TokenController extends Controller { */ public function generateToken($user, $password, $name = 'unknown client') { if (is_null($user) || is_null($password)) { - return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY); + $response = new Response([]); + $response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY); + return $response; } if ($this->userManager->checkPassword($user, $password) === false) { - return new Response([], Http::STATUS_UNAUTHORIZED); + $response = new Response([]); + $response->setStatus(Http::STATUS_UNAUTHORIZED); + return $response; } $token = $this->secureRandom->generate(128); $this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN); |