From 28ce7dd262fbf748c46b915b67ac6c332fed8420 Mon Sep 17 00:00:00 2001
From: Christoph Wurst <christoph@owncloud.com>
Date: Tue, 24 May 2016 14:08:42 +0200
Subject: do not allow client password logins if token auth is enforced or 2FA
 is enabled

---
 apps/dav/lib/Connector/Sabre/Auth.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'apps/dav/lib/Connector/Sabre')

diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php
index 88898f272c5..cbb2c2b63bd 100644
--- a/apps/dav/lib/Connector/Sabre/Auth.php
+++ b/apps/dav/lib/Connector/Sabre/Auth.php
@@ -103,8 +103,7 @@ class Auth extends AbstractBasic {
 			return true;
 		} else {
 			\OC_Util::setUpFS(); //login hooks may need early access to the filesystem
-			// TODO: do not allow basic auth if the user is 2FA enforced
-			if($this->userSession->login($username, $password)) {
+			if($this->userSession->logClientIn($username, $password)) {
 				$this->userSession->createSessionToken($this->request, $this->userSession->getUser()->getUID(), $username, $password);
 				\OC_Util::setUpFS($this->userSession->getUser()->getUID());
 				$this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
-- 
cgit v1.2.3