mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #12148 from nextcloud/suppress-wrong-audit-log-message 

suppress wrong audit log messages about failed login attempts
This commit is contained in:
Roeland Jago Douma 2018-11-02 13:52:50 +01:00 committed by GitHub
parent 88cf60a149 0efd29f41f
commit 7ba8700ba1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/dav/lib/Connector/Sabre/Auth.php
View File

@ -228,11 +228,12 @@ class Auth extends AbstractBasic {
if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
}
if (\OC_User::handleApacheAuth() ||
if (
//Fix for broken webdav clients
($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
//Well behaved clients that only send the cookie are allowed
($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) ||
\OC_User::handleApacheAuth()
) {
$user = $this->userSession->getUser()->getUID();
\OC_Util::setupFS($user);