token based auth

* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token

1 files changed, 43 insertions, 0 deletions

diff --git a/lib/private/Authentication/Token/DefaultTokenMapper.php b/lib/private/Authentication/Token/DefaultTokenMapper.php
new file mode 100644
index 00000000000..35989d0d350
--- /dev/null
+++ b/lib/private/Authentication/Token/DefaultTokenMapper.php
@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Authentication\Token;
+
+use OCP\AppFramework\Db\Mapper;
+use OCP\IDBConnection;
+
+class DefaultTokenMapper extends Mapper {
+
+	public function __construct(IDBConnection $db) {
+		parent::__construct($db, 'authtoken');
+	}
+
+	public function getTokenUser($token) {
+		$sql = 'SELECT `uid` '
+			. 'FROM `' . $this->getTableName() . '` '
+			. 'WHERE `token` = ?';
+		return $this->findEntity($sql, [
+				$token
+		]);
+	}
+
+}