Move basic auth login out of `isLoggedIn`

Potentially fixes https://github.com/owncloud/core/issues/12915 and opens the door for potential other bugs...

Please test very carefully, this includes:

- Testing from OCS via cURL (as in #12915)
- Testing from OCS via browser (Open the "Von Dir geteilt" shares overview)
- WebDAV
- CalDAV
- CardDAV
This commit is contained in:
Lukas Reschke 2014-12-17 20:12:14 +01:00
parent c20be24559
commit b91a435ed4
2 changed files with 10 additions and 5 deletions

View File

@ -760,6 +760,7 @@ class OC {
// Load minimum set of apps
if (!self::checkUpgrade(false)) {
// For logged-in users: Load everything
\OC_User::tryBasicAuthLogin();
if(OC_User::isLoggedIn()) {
OC_App::loadApps();
} else {

View File

@ -319,6 +319,15 @@ class OC_User {
self::getUserSession()->logout();
}
/**
* Tries to login the user with HTTP Basic Authentication
*/
public static function tryBasicAuthLogin() {
if(!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER'])) {
\OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
}
/**
* Check if the user is logged in, considers also the HTTP basic credentials
* @return bool
@ -328,11 +337,6 @@ class OC_User {
return self::userExists(\OC::$server->getSession()->get('user_id'));
}
// Check whether the user has authenticated using Basic Authentication
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
return \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
return false;
}