diff --git a/config/config.sample.php b/config/config.sample.php index b1655d0283..33aafab548 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -36,12 +36,6 @@ $CONFIG = array( /* The automatic protocol detection of ownCloud can fail in certain reverse proxy situations. This option allows to manually override the protocol detection. For example "https" */ "overwriteprotocol" => "", -/* Enhanced auth forces users to enter their password again when performing potential sensitive actions like creating or deleting users */ -"enhancedauth" => true, - -/* Time in seconds how long an user is authenticated without entering his password again before performing sensitive actions like creating or deleting users etc...*/ -"enhancedauthtime" => 15 * 60, - /* A proxy to use to connect to the internet. For example "myproxy.org:88" */ "proxy" => "", diff --git a/core/templates/verify.php b/core/templates/verify.php deleted file mode 100644 index 600eaca05b..0000000000 --- a/core/templates/verify.php +++ /dev/null @@ -1,18 +0,0 @@ -
-
- -

- -

-

- - -

- -
-
diff --git a/lib/json.php b/lib/json.php index 5ab877540d..c87de3e200 100644 --- a/lib/json.php +++ b/lib/json.php @@ -74,19 +74,6 @@ class OC_JSON{ exit(); } } - - /** - * Check if the user verified the login with his password - */ - public static function verifyUser() { - if(OC_Config::getValue('enhancedauth', false) === true) { - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - $l = OC_L10N::get('lib'); - self::error(array( 'data' => array( 'message' => $l->t('Authentication error') ))); - exit(); - } - } - } /** * Send json error msg diff --git a/lib/util.php b/lib/util.php index 06ae37176c..a8576fc105 100755 --- a/lib/util.php +++ b/lib/util.php @@ -360,40 +360,6 @@ class OC_Util { return true; } - /** - * Check if the user verified the login with his password in the last 15 minutes - * If not, the user will be shown a password verification page - */ - public static function verifyUser() { - if(OC_Config::getValue('enhancedauth', false) === true) { - // Check password to set session - if(isset($_POST['password'])) { - if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) { - $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60); - } - } - - // Check if the user verified his password - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser())); - exit(); - } - } - } - - /** - * Check if the user verified the login with his password - * @return bool - */ - public static function isUserVerified() { - if(OC_Config::getValue('enhancedauth', false) === true) { - if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) { - return false; - } - } - return true; - } - /** * Redirect to the user default page */ diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index aed000f7f2..8d45e62e4d 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -30,10 +30,6 @@ if(is_null($userstatus)) { exit(); } -if($userstatus === 'admin' || $userstatus === 'subadmin') { - OC_JSON::verifyUser(); -} - // Return Success story if( OC_User::setPassword( $username, $password )) { OC_JSON::success(array("data" => array( "username" => $username ))); diff --git a/settings/settings.php b/settings/settings.php index add94b5b01..1e05452ec4 100644 --- a/settings/settings.php +++ b/settings/settings.php @@ -6,7 +6,6 @@ */ OC_Util::checkLoggedIn(); -OC_Util::verifyUser(); OC_App::loadApps(); OC_Util::addStyle( 'settings', 'settings' );