verifyUser() for the json part

1 files changed, 14 insertions, 2 deletions

diff --git a/lib/json.php b/lib/json.php
index 518c3c87c49..89509710745 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -58,7 +58,7 @@ class OC_JSON{
 	*/
 	public static function checkAdminUser() {
 		self::checkLoggedIn();
-		if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
+		if( !OC_Group::inGroup( OC_User::getUser(), 'admin' ) || self::verifyUser() === false) {
 			$l = OC_L10N::get('lib');
 			self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
 			exit();
@@ -70,7 +70,7 @@ class OC_JSON{
 	*/
 	public static function checkSubAdminUser() {
 		self::checkLoggedIn();
-		if(!OC_Group::inGroup(OC_User::getUser(),'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
+		if(!OC_Group::inGroup(OC_User::getUser(),'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser()) || self::verifyUser() === false) {
 			$l = OC_L10N::get('lib');
 			self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
 			exit();
@@ -78,6 +78,18 @@ class OC_JSON{
 	}
 
 	/**
+	* Check if the user verified the login with his password in the last 15 minutes
+	* @return bool
+	*/
+	public static function verifyUser() {
+		// Check if the user verified his password in the last 15 minutes
+		if($_SESSION['verifiedLogin'] < time() OR !isset($_SESSION['verifiedLogin'])) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
 	* Send json error msg
 	*/
 	public static function error($data = array()) {