Remember me is not an app_password
While technically they are stored the same. This session variable is used to indicate that a user is using an app password to authenticate. Like from a client. Or when having it generated automatically. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
8a93263b86
commit
a5951d0d79
|
@ -825,8 +825,18 @@ class Session implements IUserSession, Emitter {
|
|||
return false;
|
||||
}
|
||||
|
||||
// Set the session variable so we know this is an app password
|
||||
$this->session->set('app_password', $token);
|
||||
try {
|
||||
$dbToken = $this->tokenProvider->getToken($token);
|
||||
} catch (InvalidTokenException $e) {
|
||||
// Can't relaly happen but better save than sorry
|
||||
return true;
|
||||
}
|
||||
|
||||
// Remember me tokens are not app_passwords
|
||||
if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) {
|
||||
// Set the session variable so we know this is an app password
|
||||
$this->session->set('app_password', $token);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue