From e6947bd6ca19792b25c08cc3361975897735251f Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Fri, 4 Dec 2020 12:40:28 +0100
Subject: [PATCH 1/2] Remember me is not an app_password

While technically they are stored the same. This session variable is
used to indicate that a user is using an app password to authenticate.
Like from a client. Or when having it generated automatically.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/User/Session.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 37d518b612..06ae8f046b 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -832,8 +832,18 @@ class Session implements IUserSession, Emitter {
 			return false;
 		}
 
-		// Set the session variable so we know this is an app password
-		$this->session->set('app_password', $token);
+		try {
+			$dbToken = $this->tokenProvider->getToken($token);
+		} catch (InvalidTokenException $e) {
+			// Can't relaly happen but better save than sorry
+			return true;
+		}
+
+		// Remember me tokens are not app_passwords
+		if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) {
+			// Set the session variable so we know this is an app password
+			$this->session->set('app_password', $token);
+		}
 
 		return true;
 	}

From 607e9020703a4b6c33ac17b1b9e6f204d1ca7c01 Mon Sep 17 00:00:00 2001
From: Morris Jobke <hey@morrisjobke.de>
Date: Fri, 4 Dec 2020 12:51:45 +0100
Subject: [PATCH 2/2] Fix typo

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
---
 lib/private/User/Session.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 06ae8f046b..c2294cb161 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -835,7 +835,7 @@ class Session implements IUserSession, Emitter {
 		try {
 			$dbToken = $this->tokenProvider->getToken($token);
 		} catch (InvalidTokenException $e) {
-			// Can't relaly happen but better save than sorry
+			// Can't really happen but better save than sorry
 			return true;
 		}