From 7c47f822a14caf91b5203be0053ddcdac40e9992 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 26 Jan 2017 11:08:26 +0100 Subject: [PATCH] Save the used token id in the session so it can be used later on Signed-off-by: Joas Schilling --- lib/private/User/Session.php | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 9cc42e671a..705ca95210 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -283,6 +283,19 @@ class Session implements IUserSession, Emitter { } } + /** + * set the token id + * + * @param int|null $token that was used to log in + */ + protected function setToken($token) { + if ($token === null) { + $this->session->remove('token-id'); + } else { + $this->session->set('token-id', $token); + } + } + /** * try to log in with the provided credentials * @@ -473,6 +486,7 @@ class Session implements IUserSession, Emitter { if ($user->isEnabled()) { $this->setUser($user); $this->setLoginName($uid); + $this->setToken(null); $firstTimeLogin = $user->updateLastLoginTimestamp(); $this->manager->emit('\OC\User', 'postLogin', [$user, $password]); if ($this->isLoggedIn()) { @@ -495,7 +509,7 @@ class Session implements IUserSession, Emitter { * * @param string $token * @return boolean - * @throws LoginException if an app canceld the login process or the user is not enabled + * @throws LoginException if an app canceled the login process or the user is not enabled */ private function loginWithToken($token) { try { @@ -530,6 +544,7 @@ class Session implements IUserSession, Emitter { //login $this->setUser($user); $this->setLoginName($dbToken->getLoginName()); + $this->setToken($dbToken->getId()); \OC::$server->getLockdownManager()->setToken($dbToken); $this->manager->emit('\OC\User', 'postLogin', array($user, $password)); @@ -740,10 +755,12 @@ class Session implements IUserSession, Emitter { } $this->setMagicInCookie($user->getUID(), $newToken); + $token = $this->tokenProvider->getToken($sessionId); //login $this->setUser($user); - $this->setLoginName($this->tokenProvider->getToken($sessionId)->getLoginName()); + $this->setLoginName($token->getLoginName()); + $this->setToken($token->getId()); $user->updateLastLoginTimestamp(); $this->manager->emit('\OC\User', 'postRememberedLogin', [$user]); return true; @@ -773,6 +790,7 @@ class Session implements IUserSession, Emitter { } $this->setUser(null); $this->setLoginName(null); + $this->setToken(null); $this->unsetMagicInCookie(); $this->session->clear(); }