diff options
| -rw-r--r-- | apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php b/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php index 6bf6b61f164..b8279f5ca61 100644 --- a/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php +++ b/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php @@ -79,6 +79,11 @@ class LoginCredentials extends AuthMechanism { try { $sessionCredentials = $this->credentialsStore->getLoginCredentials(); + if ($sessionCredentials->getUID() !== $user->getUID()) { + // Can't take the credentials from the session as they are not the same user + throw new CredentialsUnavailableException(); + } + $credentials = [ 'user' => $sessionCredentials->getLoginName(), 'password' => $sessionCredentials->getPassword() |