From e368a745aa5f9eb53327b2875d9fade8b4e8398b Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Mon, 5 Dec 2016 20:57:15 +0100
Subject: Set last-login-check on basic auth

Else the last-login-check fails hard because the session value is not
set and thus defaults to 0.

* Started with tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/User/Session.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lib/private')

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index c3561cf64e3..dcda825b9db 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -423,6 +423,7 @@ class Session implements IUserSession, Emitter {
 	 *
 	 * @todo do not allow basic auth if the user is 2FA enforced
 	 * @param IRequest $request
+	 * @param OC\Security\Bruteforce\Throttler $throttler
 	 * @return boolean if the login was successful
 	 */
 	public function tryBasicAuthLogin(IRequest $request,
@@ -440,6 +441,10 @@ class Session implements IUserSession, Emitter {
 					$this->session->set(
 						Auth::DAV_AUTHENTICATED, $this->getUser()->getUID()
 					);
+
+					// Set the last-password-confirm session to make the sudo mode work
+					 $this->session->set('last-password-confirm', $this->timeFacory->getTime());
+
 					return true;
 				}
 			} catch (PasswordLoginForbiddenException $ex) {
-- 
cgit v1.2.3