Skip to content

Commit

Permalink
Merge pull request #24552 from nextcloud/enh/remember_me_is_not_app_p…
Browse files Browse the repository at this point in the history 
…assword

Remember me is not an app_password
  • Loading branch information
@rullzer
rullzer authored Dec 4, 2020
2 parents 0d7819e + 5cc348a commit f0862dc
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions lib/private/User/Session.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -832,8 +832,18 @@ public function tryTokenLogin(IRequest $request) {
return false;
}

// Set the session variable so we know this is an app password
$this->session->set('app_password', $token);
try {
$dbToken = $this->tokenProvider->getToken($token);
} catch (InvalidTokenException $e) {
// Can't really happen but better save than sorry
return true;
}

// Remember me tokens are not app_passwords
if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) {
// Set the session variable so we know this is an app password
$this->session->set('app_password', $token);
}

return true;
}
Expand Down

0 comments on commit f0862dc

Please sign in to comment.