Diffstat (limited to 'lib/private/legacy/api.php')
-rw-r--r--lib/private/legacy/api.php43
1 files changed, 16 insertions, 27 deletions
diff --git a/lib/private/legacy/api.php b/lib/private/legacy/api.php
index 702b9df1927..3fcd9a93ec1 100644
--- a/lib/private/legacy/api.php
+++ b/lib/private/legacy/api.php
@@ -337,7 +337,7 @@ class OC_API {
}
// reuse existing login
- $loggedIn = OC_User::isLoggedIn();
+ $loggedIn = \OC::$server->getUserSession()->isLoggedIn();
if ($loggedIn === true) {
$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
if ($ocsApiRequest) {
@@ -353,35 +353,24 @@ class OC_API {
// basic auth - because OC_User::login will create a new session we shall only try to login
// if user and pass are set
- if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) ) {
- $authUser = $_SERVER['PHP_AUTH_USER'];
- $authPw = $_SERVER['PHP_AUTH_PW'];
- try {
- $return = OC_User::login($authUser, $authPw);
- } catch (\OC\User\LoginException $e) {
- return false;
+ $userSession = \OC::$server->getUserSession();
+ try {
+ $loginSuccess = $userSession->tryTokenLogin();
+ if (!$loginSuccess) {
+ $loginSuccess = $userSession->tryBasicAuthLogin();
}
- if ($return === true) {
- self::$logoutRequired = true;
-
- // initialize the user's filesystem
- \OC_Util::setUpFS(\OC_User::getUser());
- self::$isLoggedIn = true;
+ } catch (\OC\User\LoginException $e) {
+ return false;
+ }
+
+ if ($loginSuccess === true) {
+ self::$logoutRequired = true;
- /**
- * Add DAV authenticated. This should in an ideal world not be
- * necessary but the iOS App reads cookies from anywhere instead
- * only the DAV endpoint.
- * This makes sure that the cookies will be valid for the whole scope
- * @see https://github.com/owncloud/core/issues/22893
- */
- \OC::$server->getSession()->set(
- \OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED,
- \OC::$server->getUserSession()->getUser()->getUID()
- );
+ // initialize the user's filesystem
+ \OC_Util::setUpFS(\OC_User::getUser());
+ self::$isLoggedIn = true;
- return \OC_User::getUser();
- }
+ return \OC_User::getUser();
}
return false;
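Review bot: The comment kept above the new login block (`// basic auth - because OC_User::login will create a new session we shall only try to login if user and pass are set`) no longer matches the code. `OC_User::login` is gone, token login is now tried first, and the `isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])` guard it describes has been removed, so the decision about whether credentials are present now happens inside `tryBasicAuthLogin()`, which this hunk does not show. I would replace the comment with something like `// try token login first, then fall back to HTTP basic auth via the user session`. The removed block also wrote `DAV_AUTHENTICATED` into the session for the cookie-scope case described in https://github.com/owncloud/core/issues/22893; that write has presumably moved into the user session's login path, but it is not visible here and is worth confirming so DAV clients relying on it do not silently lose authentication. The enclosing method starts and ends outside the hunk.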