diff options
author | Thomas Müller <thomas.mueller@tmit.eu> | 2014-03-07 20:00:34 +0100 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-03-07 20:00:34 +0100 |
commit | 0d90b90d9402cbcab4037efc913728cdeb4eadbd (patch) | |
tree | 95a53fcbf5fd0d35017019bcc64ba7dfbf8a4067 /lib/private | |
parent | 3eb58d9973706b1cc3f51f024e362779d278ee49 (diff) | |
download | nextcloud-server-0d90b90d9402cbcab4037efc913728cdeb4eadbd.tar.gz nextcloud-server-0d90b90d9402cbcab4037efc913728cdeb4eadbd.zip |
we first shall check if the current session is valid - otherwise the session-id will be regenerated on login via basic auth
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/api.php | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/lib/private/api.php b/lib/private/api.php index 3f96196e6df..e9d31242e3a 100644 --- a/lib/private/api.php +++ b/lib/private/api.php @@ -270,7 +270,19 @@ class OC_API { * @return string|false (username, or false on failure) */ private static function loginUser(){ - // basic auth + + // reuse existing login + $loggedIn = OC_User::isLoggedIn(); + $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false; + if ($loggedIn === true && $ocsApiRequest) { + + // initialize the user's filesystem + \OC_Util::setUpFS(\OC_User::getUser()); + + return OC_User::getUser(); + } + + // basic auth $authUser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : ''; $authPw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : ''; $return = OC_User::login($authUser, $authPw); @@ -283,17 +295,6 @@ class OC_API { return $authUser; } - // reuse existing login - $loggedIn = OC_User::isLoggedIn(); - $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false; - if ($loggedIn === true && $ocsApiRequest) { - - // initialize the user's filesystem - \OC_Util::setUpFS(\OC_User::getUser()); - - return OC_User::getUser(); - } - return false; } |