View GitHub Repository server

Schedule Inspection
Subscribe
Completed
Push — stable13 ( ae17e5...1a2878 )
by Morris
76:44 queued 05:21
created
Status
Category
Toggle Patches
core/Controller/LoginController.php 1 patch
Indentation   +263 added lines, -263 removed lines patch added patch discarded remove patch 
@@ -56,294 +56,294 @@
 
 block discarded – undo
56 56 
 use OCP\Util;
57 57
58 58 
 class LoginController extends Controller {
59 
-	/** @var IUserManager */
60 
-	private $userManager;
61 
-	/** @var IConfig */
62 
-	private $config;
63 
-	/** @var ISession */
64 
-	private $session;
65 
-	/** @var IUserSession|Session */
66 
-	private $userSession;
67 
-	/** @var IURLGenerator */
68 
-	private $urlGenerator;
69 
-	/** @var ILogger */
70 
-	private $logger;
71 
-	/** @var Manager */
72 
-	private $twoFactorManager;
73 
-	/** @var Defaults */
74 
-	private $defaults;
59 
+    /** @var IUserManager */
60 
+    private $userManager;
61 
+    /** @var IConfig */
62 
+    private $config;
63 
+    /** @var ISession */
64 
+    private $session;
65 
+    /** @var IUserSession|Session */
66 
+    private $userSession;
67 
+    /** @var IURLGenerator */
68 
+    private $urlGenerator;
69 
+    /** @var ILogger */
70 
+    private $logger;
71 
+    /** @var Manager */
72 
+    private $twoFactorManager;
73 
+    /** @var Defaults */
74 
+    private $defaults;
75 75
76 
-	/**
77 
-	 * @param string $appName
78 
-	 * @param IRequest $request
79 
-	 * @param IUserManager $userManager
80 
-	 * @param IConfig $config
81 
-	 * @param ISession $session
82 
-	 * @param IUserSession $userSession
83 
-	 * @param IURLGenerator $urlGenerator
84 
-	 * @param ILogger $logger
85 
-	 * @param Manager $twoFactorManager
86 
-	 * @param Defaults $defaults
87 
-	 */
88 
-	public function __construct($appName,
89 
-								IRequest $request,
90 
-								IUserManager $userManager,
91 
-								IConfig $config,
92 
-								ISession $session,
93 
-								IUserSession $userSession,
94 
-								IURLGenerator $urlGenerator,
95 
-								ILogger $logger,
96 
-								Manager $twoFactorManager,
97 
-								Defaults $defaults) {
98 
-		parent::__construct($appName, $request);
99 
-		$this->userManager = $userManager;
100 
-		$this->config = $config;
101 
-		$this->session = $session;
102 
-		$this->userSession = $userSession;
103 
-		$this->urlGenerator = $urlGenerator;
104 
-		$this->logger = $logger;
105 
-		$this->twoFactorManager = $twoFactorManager;
106 
-		$this->defaults = $defaults;
107 
-	}
76 
+    /**
77 
+     * @param string $appName
78 
+     * @param IRequest $request
79 
+     * @param IUserManager $userManager
80 
+     * @param IConfig $config
81 
+     * @param ISession $session
82 
+     * @param IUserSession $userSession
83 
+     * @param IURLGenerator $urlGenerator
84 
+     * @param ILogger $logger
85 
+     * @param Manager $twoFactorManager
86 
+     * @param Defaults $defaults
87 
+     */
88 
+    public function __construct($appName,
89 
+                                IRequest $request,
90 
+                                IUserManager $userManager,
91 
+                                IConfig $config,
92 
+                                ISession $session,
93 
+                                IUserSession $userSession,
94 
+                                IURLGenerator $urlGenerator,
95 
+                                ILogger $logger,
96 
+                                Manager $twoFactorManager,
97 
+                                Defaults $defaults) {
98 
+        parent::__construct($appName, $request);
99 
+        $this->userManager = $userManager;
100 
+        $this->config = $config;
101 
+        $this->session = $session;
102 
+        $this->userSession = $userSession;
103 
+        $this->urlGenerator = $urlGenerator;
104 
+        $this->logger = $logger;
105 
+        $this->twoFactorManager = $twoFactorManager;
106 
+        $this->defaults = $defaults;
107 
+    }
108 108
109 
-	/**
110 
-	 * @NoAdminRequired
111 
-	 * @UseSession
112 
-	 *
113 
-	 * @return RedirectResponse
114 
-	 */
115 
-	public function logout() {
116 
-		$loginToken = $this->request->getCookie('nc_token');
117 
-		if (!is_null($loginToken)) {
118 
-			$this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
119 
-		}
120 
-		$this->userSession->logout();
109 
+    /**
110 
+     * @NoAdminRequired
111 
+     * @UseSession
112 
+     *
113 
+     * @return RedirectResponse
114 
+     */
115 
+    public function logout() {
116 
+        $loginToken = $this->request->getCookie('nc_token');
117 
+        if (!is_null($loginToken)) {
118 
+            $this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
119 
+        }
120 
+        $this->userSession->logout();
121 121
122 
-		$response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
123 
-		$response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"');
124 
-		return $response;
125 
-	}
122 
+        $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
123 
+        $response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"');
124 
+        return $response;
125 
+    }
126 126
127 
-	/**
128 
-	 * @PublicPage
129 
-	 * @NoCSRFRequired
130 
-	 * @UseSession
131 
-	 *
132 
-	 * @param string $user
133 
-	 * @param string $redirect_url
134 
-	 * @param string $remember_login
135 
-	 *
136 
-	 * @return TemplateResponse|RedirectResponse
137 
-	 */
138 
-	public function showLoginForm($user, $redirect_url, $remember_login) {
139 
-		if ($this->userSession->isLoggedIn()) {
140 
-			return new RedirectResponse(OC_Util::getDefaultPageUrl());
141 
-		}
127 
+    /**
128 
+     * @PublicPage
129 
+     * @NoCSRFRequired
130 
+     * @UseSession
131 
+     *
132 
+     * @param string $user
133 
+     * @param string $redirect_url
134 
+     * @param string $remember_login
135 
+     *
136 
+     * @return TemplateResponse|RedirectResponse
137 
+     */
138 
+    public function showLoginForm($user, $redirect_url, $remember_login) {
139 
+        if ($this->userSession->isLoggedIn()) {
140 
+            return new RedirectResponse(OC_Util::getDefaultPageUrl());
141 
+        }
142 142
143 
-		$parameters = array();
144 
-		$loginMessages = $this->session->get('loginMessages');
145 
-		$errors = [];
146 
-		$messages = [];
147 
-		if (is_array($loginMessages)) {
148 
-			list($errors, $messages) = $loginMessages;
149 
-		}
150 
-		$this->session->remove('loginMessages');
151 
-		foreach ($errors as $value) {
152 
-			$parameters[$value] = true;
153 
-		}
143 
+        $parameters = array();
144 
+        $loginMessages = $this->session->get('loginMessages');
145 
+        $errors = [];
146 
+        $messages = [];
147 
+        if (is_array($loginMessages)) {
148 
+            list($errors, $messages) = $loginMessages;
149 
+        }
150 
+        $this->session->remove('loginMessages');
151 
+        foreach ($errors as $value) {
152 
+            $parameters[$value] = true;
153 
+        }
154 154
155 
-		$parameters['messages'] = $messages;
156 
-		if (!is_null($user) && $user !== '') {
157 
-			$parameters['loginName'] = $user;
158 
-			$parameters['user_autofocus'] = false;
159 
-		} else {
160 
-			$parameters['loginName'] = '';
161 
-			$parameters['user_autofocus'] = true;
162 
-		}
163 
-		if (!empty($redirect_url)) {
164 
-			$parameters['redirect_url'] = $redirect_url;
165 
-		}
155 
+        $parameters['messages'] = $messages;
156 
+        if (!is_null($user) && $user !== '') {
157 
+            $parameters['loginName'] = $user;
158 
+            $parameters['user_autofocus'] = false;
159 
+        } else {
160 
+            $parameters['loginName'] = '';
161 
+            $parameters['user_autofocus'] = true;
162 
+        }
163 
+        if (!empty($redirect_url)) {
164 
+            $parameters['redirect_url'] = $redirect_url;
165 
+        }
166 166
167 
-		$parameters['canResetPassword'] = true;
168 
-		$parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
169 
-		if (!$parameters['resetPasswordLink']) {
170 
-			if (!is_null($user) && $user !== '') {
171 
-				$userObj = $this->userManager->get($user);
172 
-				if ($userObj instanceof IUser) {
173 
-					$parameters['canResetPassword'] = $userObj->canChangePassword();
174 
-				}
175 
-			}
176 
-		} elseif ($parameters['resetPasswordLink'] === 'disabled') {
177 
-			$parameters['canResetPassword'] = false;
178 
-		}
167 
+        $parameters['canResetPassword'] = true;
168 
+        $parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
169 
+        if (!$parameters['resetPasswordLink']) {
170 
+            if (!is_null($user) && $user !== '') {
171 
+                $userObj = $this->userManager->get($user);
172 
+                if ($userObj instanceof IUser) {
173 
+                    $parameters['canResetPassword'] = $userObj->canChangePassword();
174 
+                }
175 
+            }
176 
+        } elseif ($parameters['resetPasswordLink'] === 'disabled') {
177 
+            $parameters['canResetPassword'] = false;
178 
+        }
179 179
180 
-		$parameters['alt_login'] = OC_App::getAlternativeLogIns();
181 
-		$parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
182 
-		$parameters['hideRemeberLoginState'] = !empty($redirect_url) && $this->session->exists('client.flow.state.token');
180 
+        $parameters['alt_login'] = OC_App::getAlternativeLogIns();
181 
+        $parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
182 
+        $parameters['hideRemeberLoginState'] = !empty($redirect_url) && $this->session->exists('client.flow.state.token');
183 183
184 
-		if (!is_null($user) && $user !== '') {
185 
-			$parameters['loginName'] = $user;
186 
-			$parameters['user_autofocus'] = false;
187 
-		} else {
188 
-			$parameters['loginName'] = '';
189 
-			$parameters['user_autofocus'] = true;
190 
-		}
184 
+        if (!is_null($user) && $user !== '') {
185 
+            $parameters['loginName'] = $user;
186 
+            $parameters['user_autofocus'] = false;
187 
+        } else {
188 
+            $parameters['loginName'] = '';
189 
+            $parameters['user_autofocus'] = true;
190 
+        }
191 191
192 
-		// OpenGraph Support: http://ogp.me/
193 
-		Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
194 
-		Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]);
195 
-		Util::addHeader('meta', ['property' => 'og:site_name', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
196 
-		Util::addHeader('meta', ['property' => 'og:url', 'content' => $this->urlGenerator->getAbsoluteURL('/')]);
197 
-		Util::addHeader('meta', ['property' => 'og:type', 'content' => 'website']);
198 
-		Util::addHeader('meta', ['property' => 'og:image', 'content' => $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core','favicon-touch.png'))]);
192 
+        // OpenGraph Support: http://ogp.me/
193 
+        Util::addHeader('meta', ['property' => 'og:title', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
194 
+        Util::addHeader('meta', ['property' => 'og:description', 'content' => Util::sanitizeHTML($this->defaults->getSlogan())]);
195 
+        Util::addHeader('meta', ['property' => 'og:site_name', 'content' => Util::sanitizeHTML($this->defaults->getName())]);
196 
+        Util::addHeader('meta', ['property' => 'og:url', 'content' => $this->urlGenerator->getAbsoluteURL('/')]);
197 
+        Util::addHeader('meta', ['property' => 'og:type', 'content' => 'website']);
198 
+        Util::addHeader('meta', ['property' => 'og:image', 'content' => $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core','favicon-touch.png'))]);
199 199
200 
-		return new TemplateResponse(
201 
-			$this->appName, 'login', $parameters, 'guest'
202 
-		);
203 
-	}
200 
+        return new TemplateResponse(
201 
+            $this->appName, 'login', $parameters, 'guest'
202 
+        );
203 
+    }
204 204
205 
-	/**
206 
-	 * @param string $redirectUrl
207 
-	 * @return RedirectResponse
208 
-	 */
209 
-	private function generateRedirect($redirectUrl) {
210 
-		if (!is_null($redirectUrl) && $this->userSession->isLoggedIn()) {
211 
-			$location = $this->urlGenerator->getAbsoluteURL(urldecode($redirectUrl));
212 
-			// Deny the redirect if the URL contains a @
213 
-			// This prevents unvalidated redirects like ?redirect_url=:[email protected]
214 
-			if (strpos($location, '@') === false) {
215 
-				return new RedirectResponse($location);
216 
-			}
217 
-		}
218 
-		return new RedirectResponse(OC_Util::getDefaultPageUrl());
219 
-	}
205 
+    /**
206 
+     * @param string $redirectUrl
207 
+     * @return RedirectResponse
208 
+     */
209 
+    private function generateRedirect($redirectUrl) {
210 
+        if (!is_null($redirectUrl) && $this->userSession->isLoggedIn()) {
211 
+            $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirectUrl));
212 
+            // Deny the redirect if the URL contains a @
213 
+            // This prevents unvalidated redirects like ?redirect_url=:[email protected]
214 
+            if (strpos($location, '@') === false) {
215 
+                return new RedirectResponse($location);
216 
+            }
217 
+        }
218 
+        return new RedirectResponse(OC_Util::getDefaultPageUrl());
219 
+    }
220 220
221 
-	/**
222 
-	 * @PublicPage
223 
-	 * @UseSession
224 
-	 * @NoCSRFRequired
225 
-	 * @BruteForceProtection(action=login)
226 
-	 *
227 
-	 * @param string $user
228 
-	 * @param string $password
229 
-	 * @param string $redirect_url
230 
-	 * @param boolean $remember_login
231 
-	 * @param string $timezone
232 
-	 * @param string $timezone_offset
233 
-	 * @return RedirectResponse
234 
-	 */
235 
-	public function tryLogin($user, $password, $redirect_url, $remember_login = false, $timezone = '', $timezone_offset = '') {
236 
-		if(!is_string($user)) {
237 
-			throw new \InvalidArgumentException('Username must be string');
238 
-		}
221 
+    /**
222 
+     * @PublicPage
223 
+     * @UseSession
224 
+     * @NoCSRFRequired
225 
+     * @BruteForceProtection(action=login)
226 
+     *
227 
+     * @param string $user
228 
+     * @param string $password
229 
+     * @param string $redirect_url
230 
+     * @param boolean $remember_login
231 
+     * @param string $timezone
232 
+     * @param string $timezone_offset
233 
+     * @return RedirectResponse
234 
+     */
235 
+    public function tryLogin($user, $password, $redirect_url, $remember_login = false, $timezone = '', $timezone_offset = '') {
236 
+        if(!is_string($user)) {
237 
+            throw new \InvalidArgumentException('Username must be string');
238 
+        }
239 239
240 
-		// If the user is already logged in and the CSRF check does not pass then
241 
-		// simply redirect the user to the correct page as required. This is the
242 
-		// case when an user has already logged-in, in another tab.
243 
-		if(!$this->request->passesCSRFCheck()) {
244 
-			return $this->generateRedirect($redirect_url);
245 
-		}
240 
+        // If the user is already logged in and the CSRF check does not pass then
241 
+        // simply redirect the user to the correct page as required. This is the
242 
+        // case when an user has already logged-in, in another tab.
243 
+        if(!$this->request->passesCSRFCheck()) {
244 
+            return $this->generateRedirect($redirect_url);
245 
+        }
246 246
247 
-		if ($this->userManager instanceof PublicEmitter) {
248 
-			$this->userManager->emit('\OC\User', 'preLogin', array($user, $password));
249 
-		}
247 
+        if ($this->userManager instanceof PublicEmitter) {
248 
+            $this->userManager->emit('\OC\User', 'preLogin', array($user, $password));
249 
+        }
250 250
251 
-		$originalUser = $user;
252 
-		// TODO: Add all the insane error handling
253 
-		/* @var $loginResult IUser */
254 
-		$loginResult = $this->userManager->checkPasswordNoLogging($user, $password);
255 
-		if ($loginResult === false) {
256 
-			$users = $this->userManager->getByEmail($user);
257 
-			// we only allow login by email if unique
258 
-			if (count($users) === 1) {
259 
-				$previousUser = $user;
260 
-				$user = $users[0]->getUID();
261 
-				if($user !== $previousUser) {
262 
-					$loginResult = $this->userManager->checkPassword($user, $password);
263 
-				}
264 
-			}
265 
-		}
266 
-		if ($loginResult === false) {
267 
-			$this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
268 
-			// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
269 
-			$args = !is_null($user) ? ['user' => $originalUser] : [];
270 
-			if (!is_null($redirect_url)) {
271 
-				$args['redirect_url'] = $redirect_url;
272 
-			}
273 
-			$response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
274 
-			$response->throttle(['user' => $user]);
275 
-			$this->session->set('loginMessages', [
276 
-				['invalidpassword'], []
277 
-			]);
278 
-			return $response;
279 
-		}
280 
-		// TODO: remove password checks from above and let the user session handle failures
281 
-		// requires https://github.com/owncloud/core/pull/24616
282 
-		$this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
283 
-		$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, (int)$remember_login);
251 
+        $originalUser = $user;
252 
+        // TODO: Add all the insane error handling
253 
+        /* @var $loginResult IUser */
254 
+        $loginResult = $this->userManager->checkPasswordNoLogging($user, $password);
255 
+        if ($loginResult === false) {
256 
+            $users = $this->userManager->getByEmail($user);
257 
+            // we only allow login by email if unique
258 
+            if (count($users) === 1) {
259 
+                $previousUser = $user;
260 
+                $user = $users[0]->getUID();
261 
+                if($user !== $previousUser) {
262 
+                    $loginResult = $this->userManager->checkPassword($user, $password);
263 
+                }
264 
+            }
265 
+        }
266 
+        if ($loginResult === false) {
267 
+            $this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
268 
+            // Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
269 
+            $args = !is_null($user) ? ['user' => $originalUser] : [];
270 
+            if (!is_null($redirect_url)) {
271 
+                $args['redirect_url'] = $redirect_url;
272 
+            }
273 
+            $response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
274 
+            $response->throttle(['user' => $user]);
275 
+            $this->session->set('loginMessages', [
276 
+                ['invalidpassword'], []
277 
+            ]);
278 
+            return $response;
279 
+        }
280 
+        // TODO: remove password checks from above and let the user session handle failures
281 
+        // requires https://github.com/owncloud/core/pull/24616
282 
+        $this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
283 
+        $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, (int)$remember_login);
284 284
285 
-		// User has successfully logged in, now remove the password reset link, when it is available
286 
-		$this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
285 
+        // User has successfully logged in, now remove the password reset link, when it is available
286 
+        $this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
287 287
288 
-		$this->session->set('last-password-confirm', $loginResult->getLastLogin());
288 
+        $this->session->set('last-password-confirm', $loginResult->getLastLogin());
289 289
290 
-		if ($timezone_offset !== '') {
291 
-			$this->config->setUserValue($loginResult->getUID(), 'core', 'timezone', $timezone);
292 
-			$this->session->set('timezone', $timezone_offset);
293 
-		}
290 
+        if ($timezone_offset !== '') {
291 
+            $this->config->setUserValue($loginResult->getUID(), 'core', 'timezone', $timezone);
292 
+            $this->session->set('timezone', $timezone_offset);
293 
+        }
294 294
295 
-		if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
296 
-			$this->twoFactorManager->prepareTwoFactorLogin($loginResult, $remember_login);
295 
+        if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
296 
+            $this->twoFactorManager->prepareTwoFactorLogin($loginResult, $remember_login);
297 297
298 
-			$providers = $this->twoFactorManager->getProviders($loginResult);
299 
-			if (count($providers) === 1) {
300 
-				// Single provider, hence we can redirect to that provider's challenge page directly
301 
-				/* @var $provider IProvider */
302 
-				$provider = array_pop($providers);
303 
-				$url = 'core.TwoFactorChallenge.showChallenge';
304 
-				$urlParams = [
305 
-					'challengeProviderId' => $provider->getId(),
306 
-				];
307 
-			} else {
308 
-				$url = 'core.TwoFactorChallenge.selectChallenge';
309 
-				$urlParams = [];
310 
-			}
298 
+            $providers = $this->twoFactorManager->getProviders($loginResult);
299 
+            if (count($providers) === 1) {
300 
+                // Single provider, hence we can redirect to that provider's challenge page directly
301 
+                /* @var $provider IProvider */
302 
+                $provider = array_pop($providers);
303 
+                $url = 'core.TwoFactorChallenge.showChallenge';
304 
+                $urlParams = [
305 
+                    'challengeProviderId' => $provider->getId(),
306 
+                ];
307 
+            } else {
308 
+                $url = 'core.TwoFactorChallenge.selectChallenge';
309 
+                $urlParams = [];
310 
+            }
311 311
312 
-			if (!is_null($redirect_url)) {
313 
-				$urlParams['redirect_url'] = $redirect_url;
314 
-			}
312 
+            if (!is_null($redirect_url)) {
313 
+                $urlParams['redirect_url'] = $redirect_url;
314 
+            }
315 315
316 
-			return new RedirectResponse($this->urlGenerator->linkToRoute($url, $urlParams));
317 
-		}
316 
+            return new RedirectResponse($this->urlGenerator->linkToRoute($url, $urlParams));
317 
+        }
318 318
319 
-		if ($remember_login) {
320 
-			$this->userSession->createRememberMeToken($loginResult);
321 
-		}
319 
+        if ($remember_login) {
320 
+            $this->userSession->createRememberMeToken($loginResult);
321 
+        }
322 322
323 
-		return $this->generateRedirect($redirect_url);
324 
-	}
323 
+        return $this->generateRedirect($redirect_url);
324 
+    }
325 325
326 
-	/**
327 
-	 * @NoAdminRequired
328 
-	 * @UseSession
329 
-	 * @BruteForceProtection(action=sudo)
330 
-	 *
331 
-	 * @license GNU AGPL version 3 or any later version
332 
-	 *
333 
-	 * @param string $password
334 
-	 * @return DataResponse
335 
-	 */
336 
-	public function confirmPassword($password) {
337 
-		$loginName = $this->userSession->getLoginName();
338 
-		$loginResult = $this->userManager->checkPassword($loginName, $password);
339 
-		if ($loginResult === false) {
340 
-			$response = new DataResponse([], Http::STATUS_FORBIDDEN);
341 
-			$response->throttle();
342 
-			return $response;
343 
-		}
326 
+    /**
327 
+     * @NoAdminRequired
328 
+     * @UseSession
329 
+     * @BruteForceProtection(action=sudo)
330 
+     *
331 
+     * @license GNU AGPL version 3 or any later version
332 
+     *
333 
+     * @param string $password
334 
+     * @return DataResponse
335 
+     */
336 
+    public function confirmPassword($password) {
337 
+        $loginName = $this->userSession->getLoginName();
338 
+        $loginResult = $this->userManager->checkPassword($loginName, $password);
339 
+        if ($loginResult === false) {
340 
+            $response = new DataResponse([], Http::STATUS_FORBIDDEN);
341 
+            $response->throttle();
342 
+            return $response;
343 
+        }
344 344
345 
-		$confirmTimestamp = time();
346 
-		$this->session->set('last-password-confirm', $confirmTimestamp);
347 
-		return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
348 
-	}
345 
+        $confirmTimestamp = time();
346 
+        $this->session->set('last-password-confirm', $confirmTimestamp);
347 
+        return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
348 
+    }
349 349 
 }
Please login to merge, or discard this patch.