Diffstat (limited to 'lib/json.php')
-rw-r--r-- | lib/json.php | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/lib/json.php b/lib/json.php
index 518c3c87c49..204430411c0 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -58,6 +58,7 @@ class OC_JSON{
 */
 public static function checkAdminUser() {
 self::checkLoggedIn();
+ self::verifyUser();
 if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
 $l = OC_L10N::get('lib');
 self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
@@ -70,7 +71,8 @@ class OC_JSON{
 */
 public static function checkSubAdminUser() {
 self::checkLoggedIn();
- if(!OC_Group::inGroup(OC_User::getUser(),'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
+ self::verifyUser();
+ if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
 $l = OC_L10N::get('lib');
 self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
 exit();
@@ -78,6 +80,19 @@ class OC_JSON{
 }

 /**
+ * Check if the user verified the login with his password
+ */
+ public static function verifyUser() {
+ if(OC_Config::getValue('enhancedauth', false) === true) {
+ if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
+ $l = OC_L10N::get('lib');
+ self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
+ exit();
+ }
+ }
+ }
+
+ /**
 * Send json error msg
 */
 public static function error($data = array()) {
@@ -105,7 +120,7 @@ class OC_JSON{
 /**
 * Encode and print $data in json format
 */
- public static function encodedPrint($data,$setContentType=true) {
+ public static function encodedPrint($data, $setContentType=true) {
 // Disable mimesniffing, don't move this to setContentTypeHeader!
 header( 'X-Content-Type-Options: nosniff' );
 if($setContentType) { |
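Review bot: The gate in the new `verifyUser()` fails open on a loosely typed setting: `OC_Config::getValue('enhancedauth', false) === true` skips the re-verification whenever the value is stored as `1` or `'true'` instead of a boolean, and nothing signals that the check is off. Because this now guards `checkAdminUser()` and `checkSubAdminUser()`, a truthiness test is the safer default, e.g. `if(OC_Config::getValue('enhancedauth', false)) {`. The expiry comparison also assumes `$_SESSION['verifiedLogin']` is an integer timestamp; where it is written is not visible in this diff, so adding `!is_int($_SESSION['verifiedLogin'])` next to the `isset()` test would make that assumption explicit. The docblock should state that the method does nothing unless `enhancedauth` is enabled and that it ends the request with a JSON 'Authentication error' when the verification is missing or expired.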