-rw-r--r--core/Controller/LoginController.php13
-rw-r--r--core/openapi.json57
2 files changed, 69 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index beeb2034fb7..9e5eab4fece 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -43,6 +43,7 @@ use OC\User\Session;
use OC_App;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\Attribute\OpenAPI;
use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\DataResponse;
@@ -61,7 +62,6 @@ use OCP\Notification\IManager;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Util;
-#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
class LoginController extends Controller {
public const LOGIN_MSG_INVALIDPASSWORD = 'invalidpassword';
public const LOGIN_MSG_USERDISABLED = 'userdisabled';
@@ -126,6 +126,7 @@ class LoginController extends Controller {
* @return TemplateResponse|RedirectResponse
*/
#[UseSession]
+ #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
public function showLoginForm(string $user = null, string $redirect_url = null): Http\Response {
if ($this->userSession->isLoggedIn()) {
return new RedirectResponse($this->urlGenerator->linkToDefaultPageUrl());
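Review bot: Replacing the class-level `#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]` with per-method attributes (here and on `tryLogin`) changes the default for this controller from excluded to included. Any other public action in `LoginController` that this diff does not show is no longer ignored unless it carries its own attribute. The spec change adds only one path, which suggests nothing else is picked up, but a short class-level comment such as `// Only confirmPassword is part of the public API; mark every other action SCOPE_IGNORE` would keep a later-added action from being published by accident.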
@@ -274,6 +275,7 @@ class LoginController extends Controller {
* @return RedirectResponse
*/
#[UseSession]
+ #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
public function tryLogin(Chain $loginChain,
string $user = '',
string $password = '',
@@ -352,13 +354,22 @@ class LoginController extends Controller {
}
/**
+ * Confirm the user password
+ *
* @NoAdminRequired
* @BruteForceProtection(action=sudo)
*
* @license GNU AGPL version 3 or any later version
*
+ * @param string $password The password of the user
+ *
+ * @return DataResponse<Http::STATUS_OK, array{lastLogin: int}, array{}>|DataResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
+ *
+ * 200: Password confirmation succeeded
+ * 403: Password confirmation failed
*/
#[UseSession]
+ #[NoCSRFRequired]
public function confirmPassword(string $password): DataResponse {
$loginName = $this->userSession->getLoginName();
$loginResult = $this->userManager->checkPassword($loginName, $password);
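Review bot: `#[NoCSRFRequired]` on `confirmPassword` drops the CSRF token check for a session-backed (`#[UseSession]`) action, and the docblock gives no reason for the exemption. A cross-site request still needs the correct password to succeed, but failed cross-site submissions would presumably count against the `@BruteForceProtection(action=sudo)` throttle on behalf of the signed-in user. The body continues past the hunk, so what is written to the session on success is not visible here. If the exemption exists only so that API clients can call the route, state that in the docblock, for example `* CSRF check skipped: called by API clients without a request token; the password is the proof of intent`, and confirm that the success path changes nothing a third-party page could benefit from.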
diff --git a/core/openapi.json b/core/openapi.json
index 784cce560cd..9bfee0d40b9 100644
--- a/core/openapi.json
+++ b/core/openapi.json
@@ -919,6 +919,63 @@
}
}
},
+ "/index.php/login/confirm": {
+ "post": {
+ "operationId": "login-confirm-password",
+ "summary": "Confirm the user password",
+ "tags": [
+ "login"
+ ],
+ "security": [
+ {
+ "bearer_auth": []
+ },
+ {
+ "basic_auth": []
+ }
+ ],
+ "parameters": [
+ {
+ "name": "password",
+ "in": "query",
+ "description": "The password of the user",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Password confirmation succeeded",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "required": [
+ "lastLogin"
+ ],
+ "properties": {
+ "lastLogin": {
+ "type": "integer",
+ "format": "int64"
+ }
+ }
+ }
+ }
+ }
+ },
+ "403": {
+ "description": "Password confirmation failed",
+ "content": {
+ "application/json": {
+ "schema": {}
+ }
+ }
+ }
+ }
+ }
+ },
"/index.php/login/v2/poll": {
"post": {
"operationId": "client_flow_login_v2-poll",
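Review bot: The new `/index.php/login/confirm` operation declares `password` with `"in": "query"`, so clients generated from this spec will send the account password in the URL of the POST. Query strings are commonly written to web-server and proxy access logs and kept in client history, which a request body is not. If the endpoint accepts the value from the request body (not visible in this diff), describe it under `requestBody` instead of `parameters`. If this file is generated, the change belongs in the generator input rather than here.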