diff options
author | Christoph Wurst <christoph@owncloud.com> | 2016-06-13 16:00:49 +0200 |
---|---|---|
committer | Christoph Wurst <christoph@owncloud.com> | 2016-06-13 19:44:05 +0200 |
commit | 465807490d7648e5675f1cdbc5b1d232cda4feee (patch) | |
tree | b00e74e21eef32523bc3ff63247865daa087a94e /lib | |
parent | 331d88bcabd4a66b0efc89fa28b90d26e88f4637 (diff) | |
download | nextcloud-server-465807490d7648e5675f1cdbc5b1d232cda4feee.tar.gz nextcloud-server-465807490d7648e5675f1cdbc5b1d232cda4feee.zip |
create session token only for clients that support cookies
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/User/Session.php | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 0376e81b6dc..0cebb3e0613 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -370,11 +370,21 @@ class Session implements IUserSession, Emitter { return false; } - $this->createSessionToken($request, $this->getUser()->getUID(), $user, $password); + if ($this->supportsCookies($request)) { + $this->createSessionToken($request, $this->getUser()->getUID(), $user, $password); + } return true; } + protected function supportsCookies(IRequest $request) { + if (!is_null($request->getCookie('cookie_test'))) { + return true; + } + setcookie('cookie_test', 'test', $this->timeFacory->getTime() + 3600); + return false; + } + private function isTokenAuthEnforced() { return $this->config->getSystemValue('token_auth_enforced', false); } @@ -432,7 +442,6 @@ class Session implements IUserSession, Emitter { */ public function tryBasicAuthLogin(IRequest $request) { if (!empty($request->server['PHP_AUTH_USER']) && !empty($request->server['PHP_AUTH_PW'])) { - $request = \OC::$server->getRequest(); $result = $this->logClientIn($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'], $request); if ($result === true) { /** |