Skip to content

Commit

Permalink
set 'app_password' session value only when using a permanent token
Browse files Browse the repository at this point in the history
Signed-off-by: Julien Veyssier <[email protected]>
  • Loading branch information
Julien Veyssier committed Mar 8, 2022
1 parent ec4280e commit 3f6745a
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 3 deletions.
7 changes: 7 additions & 0 deletions lib/private/Authentication/Token/IToken.php
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,13 @@ public function getName(): string;
*/
public function getRemember(): int;

/**
* Get the token type
*
* @return int
*/
public function getType(): int;

/**
* Set the token
*
Expand Down
5 changes: 4 additions & 1 deletion lib/private/Authentication/Token/PublicKeyToken.php
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@
* @method void setLoginName(string $loginname)
* @method string getToken()
* @method void setType(int $type)
* @method int getType()
* @method void setRemember(int $remember)
* @method void setLastActivity(int $lastactivity)
* @method int getLastActivity()
Expand Down Expand Up @@ -201,6 +200,10 @@ public function setName(string $name): void {
parent::setName($name);
}

public function getType(): int {
return parent::getType();
}

public function getRemember(): int {
return parent::getRemember();
}
Expand Down
3 changes: 1 addition & 2 deletions lib/private/User/Session.php
Original file line number Diff line number Diff line change
Expand Up @@ -847,8 +847,7 @@ public function tryTokenLogin(IRequest $request) {
return true;
}

// Remember me tokens are not app_passwords
if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) {
if ($dbToken->getType() === IToken::PERMANENT_TOKEN) {
// Set the session variable so we know this is an app password
$this->session->set('app_password', $token);
}
Expand Down

0 comments on commit 3f6745a

Please sign in to comment.