On webdav sesssions, loginname was compared to username which does not need to match necessarily
This commit is contained in:
parent
6408125edc
commit
91d6a6dd7c
|
@ -527,10 +527,9 @@ class OC {
|
|||
|
||||
OC_User::useBackend(new OC_User_Database());
|
||||
OC_Group::useBackend(new OC_Group_Database());
|
||||
|
||||
if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('user_id')
|
||||
&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('user_id')) {
|
||||
$sessionUser = self::$session->get('user_id');
|
||||
&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('loginname')) {
|
||||
$sessionUser = self::$session->get('loginname');
|
||||
$serverUser = $_SERVER['PHP_AUTH_USER'];
|
||||
OC_Log::write('core',
|
||||
"Session user-id ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
|
||||
|
@ -805,7 +804,7 @@ class OC {
|
|||
if ( OC_Config::getValue('log_authfailip', false) ) {
|
||||
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
|
||||
OC_Log::WARN);
|
||||
} else {
|
||||
} else {
|
||||
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
|
||||
OC_Log::WARN);
|
||||
}
|
||||
|
|
|
@ -112,6 +112,38 @@ class Session implements Emitter, \OCP\IUserSession {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* set the login name
|
||||
*
|
||||
* @param string login name for the logged in user
|
||||
*/
|
||||
public function setLoginname($loginname) {
|
||||
if (is_null($loginname)) {
|
||||
$this->session->remove('loginname');
|
||||
} else {
|
||||
$this->session->set('loginname', $loginname);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* get the login name of the current user
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getLoginname() {
|
||||
if ($this->activeUser) {
|
||||
return $this->session->get('loginname');
|
||||
} else {
|
||||
$uid = $this->session->get('user_id');
|
||||
if ($uid) {
|
||||
$this->activeUser = $this->manager->get($uid);
|
||||
return $this->session->get('loginname');
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* try to login with the provided credentials
|
||||
*
|
||||
|
@ -126,6 +158,7 @@ class Session implements Emitter, \OCP\IUserSession {
|
|||
if (!is_null($user)) {
|
||||
if ($user->isEnabled()) {
|
||||
$this->setUser($user);
|
||||
$this->setLoginname($uid);
|
||||
$this->manager->emit('\OC\User', 'postLogin', array($user, $password));
|
||||
return true;
|
||||
} else {
|
||||
|
@ -143,6 +176,7 @@ class Session implements Emitter, \OCP\IUserSession {
|
|||
public function logout() {
|
||||
$this->manager->emit('\OC\User', 'logout');
|
||||
$this->setUser(null);
|
||||
$this->setLoginname(null);
|
||||
$this->unsetMagicInCookie();
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue