Bearer tokens are app token

Fixes #12498 This means that we set that it is a proper app token once it is validated. This will allow the 2FA middleware to just run the same check. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
nextcloud · Nov 20, 2018 · adf1488 · adf1488
1 parent b4a410e
commit adf1488
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -776,6 +776,10 @@ public function tryTokenLogin(IRequest $request) {
 		if(!$this->validateToken($token)) {
 			return false;
 		}
+
+		// Set the session variable so we know this is an app password
+		$this->session->set('app_password', $token);
+
 		return true;
 	}