From fdc2cd755477220c027e026aa70594af87427bed Mon Sep 17 00:00:00 2001
From: Christoph Wurst <christoph@owncloud.com>
Date: Wed, 27 Apr 2016 09:38:30 +0200
Subject: Add token auth for OCS APIs

---
 core/Controller/LoginController.php | 2 +-
 core/Controller/TokenController.php | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'core/Controller')

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e13d8ae10d2..7afed6b274a 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -172,7 +172,7 @@ class LoginController extends Controller {
 		if ($this->userManager->checkPassword($user, $password) === false) {
 			return new RedirectResponse($this->urlGenerator->linkToRoute('login#showLoginForm'));
 		}
-		$this->userSession->createSessionToken($user, $password);
+		$this->userSession->createSessionToken($this->request, $user, $password);
 		if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
 			$location = OC::$server->getURLGenerator()->getAbsoluteURL(urldecode($redirect_url));
 			// Deny the redirect if the URL contains a @
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 8a25ad9bb98..d1d7b50d084 100644
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@@ -68,10 +68,14 @@ class TokenController extends Controller {
 	 */
 	public function generateToken($user, $password, $name = 'unknown client') {
 		if (is_null($user) || is_null($password)) {
-			return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY);
+			$response = new Response([]);
+			$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
+			return $response;
 		}
 		if ($this->userManager->checkPassword($user, $password) === false) {
-			return new Response([], Http::STATUS_UNAUTHORIZED);
+			$response = new Response([]);
+			$response->setStatus(Http::STATUS_UNAUTHORIZED);
+			return $response;
 		}
 		$token = $this->secureRandom->generate(128);
 		$this->tokenProvider->generateToken($token, $user, $password, $name, IToken::PERMANENT_TOKEN);
-- 
cgit v1.2.3