diff options
| author | Christoph Wurst <christoph@owncloud.com> | 2016-04-25 14:10:55 +0200 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-05-11 13:36:46 +0200 |
| commit | d8cde414bd13c327ec2edaf1ae38380073c93e3e (patch) | |
| tree | a9b49e4cf7717d0af6c09bb412b589811e1547d2 /lib/private/legacy/user.php | |
| parent | f39e163d4a6ee63444bfb6a797e12a482bd0a49f (diff) | |
| download | nextcloud-server-d8cde414bd13c327ec2edaf1ae38380073c93e3e.tar.gz nextcloud-server-d8cde414bd13c327ec2edaf1ae38380073c93e3e.zip | |
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
Diffstat (limited to 'lib/private/legacy/user.php')
| -rw-r--r-- | lib/private/legacy/user.php | 25 |
1 files changed, 3 insertions, 22 deletions
diff --git a/lib/private/legacy/user.php b/lib/private/legacy/user.php index 7855b5e7059..575011d3985 100644 --- a/lib/private/legacy/user.php +++ b/lib/private/legacy/user.php @@ -6,6 +6,7 @@ * @author Bart Visscher <bartv@thisnet.nl> * @author Bartek Przybylski <bart.p.pl@gmail.com> * @author Björn Schießle <schiessle@owncloud.com> + * @author Christoph Wurst <christoph@owncloud.com> * @author Florian Preinstorfer <nblock@archlinux.us> * @author Georg Ehrke <georg@owncloud.com> * @author Jakob Sack <mail@jakobsack.de> @@ -155,6 +156,8 @@ class OC_User { * @return boolean|null * * Log in a user and regenerate a new session - if the password is ok + * + * @deprecated Use \OCP\IUserSession::login */ public static function login($loginName, $password) { @@ -284,28 +287,6 @@ class OC_User { } /** - * Tries to login the user with HTTP Basic Authentication - */ - public static function tryBasicAuthLogin() { - if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { - $result = \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); - if($result === true) { - /** - * Add DAV authenticated. This should in an ideal world not be - * necessary but the iOS App reads cookies from anywhere instead - * only the DAV endpoint. - * This makes sure that the cookies will be valid for the whole scope - * @see https://github.com/owncloud/core/issues/22893 - */ - \OC::$server->getSession()->set( - \OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED, - \OC::$server->getUserSession()->getUser()->getUID() - ); - } - } - } - - /** * Check if the user is logged in, considers also the HTTP basic credentials * * @deprecated use \OC::$server->getUserSession()->isLoggedIn() |