aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorChristoph Wurst <christoph@owncloud.com>2016-04-27 09:38:30 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2016-05-11 13:36:46 +0200
commitfdc2cd755477220c027e026aa70594af87427bed (patch)
tree74fccc3156ed16b44e48189616a8019012f07703 /core
parent8d4850218740b74faae5af637d1b1c2b3dee3c41 (diff)
downloadnextcloud-server-fdc2cd755477220c027e026aa70594af87427bed.tar.gz
nextcloud-server-fdc2cd755477220c027e026aa70594af87427bed.zip
Add token auth for OCS APIs
Diffstat (limited to 'core')
-rw-r--r--core/Controller/LoginController.php2
-rw-r--r--core/Controller/TokenController.php8
2 files changed, 7 insertions, 3 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e13d8ae10d2..7afed6b274a 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -172,7 +172,7 @@ class LoginController extends Controller {
if ($this->userManager->checkPassword($user, $password) === false) {
return new RedirectResponse($this->urlGenerator->linkToRoute('login#showLoginForm'));
}
- $this->userSession->createSessionToken($user, $password);
+ $this->userSession->createSessionToken($this->request, $user, $password);
if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
$location = OC::$server->getURLGenerator()->getAbsoluteURL(urldecode($redirect_url));
// Deny the redirect if the URL contains a @
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 8a25ad9bb98..d1d7b50d084 100644
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@@ -68,10 +68,14 @@ class TokenController extends Controller {
*/
public function generateToken($user, $password, $name = 'unknown client') {
if (is_null($user) || is_null($password)) {
- return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY);
+ $response = new Response([]);
+ $response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
+ return $response;
}
if ($this->userManager->checkPassword($user, $password) === false) {
- return new Response([], Http::STATUS_UNAUTHORIZED);
+ $response = new Response([]);
+ $response->setStatus(Http::STATUS_UNAUTHORIZED);
+ return $response;
}
$token = $this->secureRandom->generate(128);
$this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);