Merge pull request #2797 from nextcloud/issue-2734-sudo-password-with-ldap
Use login name to fix password confirm with ldap users
This commit is contained in:
commit
ba7f5105f0
|
@ -298,14 +298,10 @@ class LoginController extends Controller {
|
|||
$currentDelay = $this->throttler->getDelay($this->request->getRemoteAddress());
|
||||
$this->throttler->sleepDelay($this->request->getRemoteAddress());
|
||||
|
||||
$user = $this->userSession->getUser();
|
||||
if (!$user instanceof IUser) {
|
||||
return new DataResponse([], Http::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
$loginResult = $this->userManager->checkPassword($user->getUID(), $password);
|
||||
$loginName = $this->userSession->getLoginName();
|
||||
$loginResult = $this->userManager->checkPassword($loginName, $password);
|
||||
if ($loginResult === false) {
|
||||
$this->throttler->registerAttempt('sudo', $this->request->getRemoteAddress(), ['user' => $user->getUID()]);
|
||||
$this->throttler->registerAttempt('sudo', $this->request->getRemoteAddress(), ['user' => $loginName]);
|
||||
if ($currentDelay === 0) {
|
||||
$this->throttler->sleepDelay($this->request->getRemoteAddress());
|
||||
}
|
||||
|
|
|
@ -743,6 +743,7 @@ class Session implements IUserSession, Emitter {
|
|||
|
||||
//login
|
||||
$this->setUser($user);
|
||||
$this->setLoginName($this->tokenProvider->getToken($sessionId)->getLoginName());
|
||||
$user->updateLastLoginTimestamp();
|
||||
$this->manager->emit('\OC\User', 'postRememberedLogin', [$user]);
|
||||
return true;
|
||||
|
|
|
@ -528,7 +528,7 @@ class SessionTest extends \Test\TestCase {
|
|||
->getMock();
|
||||
$userSession = $this->getMockBuilder(Session::class)
|
||||
//override, otherwise tests will fail because of setcookie()
|
||||
->setMethods(['setMagicInCookie'])
|
||||
->setMethods(['setMagicInCookie', 'setLoginName'])
|
||||
->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
|
||||
->getMock();
|
||||
|
||||
|
@ -566,6 +566,15 @@ class SessionTest extends \Test\TestCase {
|
|||
->with($oldSessionId, $sessionId)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$tokenObject = $this->createMock(IToken::class);
|
||||
$tokenObject->expects($this->once())
|
||||
->method('getLoginName')
|
||||
->willReturn('foobar');
|
||||
$this->tokenProvider->expects($this->once())
|
||||
->method('getToken')
|
||||
->with($sessionId)
|
||||
->willReturn($tokenObject);
|
||||
|
||||
$user->expects($this->any())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('foo'));
|
||||
|
@ -576,6 +585,9 @@ class SessionTest extends \Test\TestCase {
|
|||
$session->expects($this->once())
|
||||
->method('set')
|
||||
->with('user_id', 'foo');
|
||||
$userSession->expects($this->once())
|
||||
->method('setLoginName')
|
||||
->willReturn('foobar');
|
||||
|
||||
$granted = $userSession->loginWithCookie('foo', $token, $oldSessionId);
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ class UserTest extends TestCase {
|
|||
protected function setUp(){
|
||||
parent::setUp();
|
||||
|
||||
$this->backend = $this->getMock('\Test\Util\User\Dummy');
|
||||
$this->backend = $this->createMock(\Test\Util\User\Dummy::class);
|
||||
$manager = \OC::$server->getUserManager();
|
||||
$manager->registerBackend($this->backend);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue