From 7dbb6ea7ba4e5e888eaba897602ae9762947dcb6 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Fri, 4 Dec 2020 12:40:28 +0100 Subject: [PATCH 1/2] Remember me is not an app_password While technically they are stored the same. This session variable is used to indicate that a user is using an app password to authenticate. Like from a client. Or when having it generated automatically. Signed-off-by: Roeland Jago Douma --- lib/private/User/Session.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index b3e9ce722c7..0256bbc98a6 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -825,8 +825,18 @@ class Session implements IUserSession, Emitter { return false; } - // Set the session variable so we know this is an app password - $this->session->set('app_password', $token); + try { + $dbToken = $this->tokenProvider->getToken($token); + } catch (InvalidTokenException $e) { + // Can't relaly happen but better save than sorry + return true; + } + + // Remember me tokens are not app_passwords + if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) { + // Set the session variable so we know this is an app password + $this->session->set('app_password', $token); + } return true; } From 29ee3859278d57292238ad6884fbea44fcc91b34 Mon Sep 17 00:00:00 2001 From: Morris Jobke Date: Fri, 4 Dec 2020 12:51:45 +0100 Subject: [PATCH 2/2] Fix typo Signed-off-by: Morris Jobke --- lib/private/User/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 0256bbc98a6..81e6fe7e7b5 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -828,7 +828,7 @@ class Session implements IUserSession, Emitter { try { $dbToken = $this->tokenProvider->getToken($token); } catch (InvalidTokenException $e) { - // Can't relaly happen but better save than sorry + // Can't really happen but better save than sorry return true; }