Skip to content

Commit

Permalink
feat(core): Expose the confirm password endpoint
Browse files Browse the repository at this point in the history 
Signed-off-by: provokateurin <kate@provokateurin.de>
  • Loading branch information
@provokateurin
provokateurin committed Feb 20, 2024
1 parent 1a3e534 commit d95e500
Show file tree
Hide file tree
Showing 2 changed files with 69 additions and 1 deletion.
13 changes: 12 additions & 1 deletion core/Controller/LoginController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
use OC_App;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\Attribute\OpenAPI;
use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\DataResponse;
Expand All @@ -61,7 +62,6 @@
use OCP\Security\Bruteforce\IThrottler;
use OCP\Util;

#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
class LoginController extends Controller {
public const LOGIN_MSG_INVALIDPASSWORD = 'invalidpassword';
public const LOGIN_MSG_USERDISABLED = 'userdisabled';
Expand Down Expand Up @@ -126,6 +126,7 @@ public function logout() {
* @return TemplateResponse|RedirectResponse
*/
#[UseSession]
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
public function showLoginForm(string $user = null, string $redirect_url = null): Http\Response {
if ($this->userSession->isLoggedIn()) {
return new RedirectResponse($this->urlGenerator->linkToDefaultPageUrl());
Expand Down Expand Up @@ -274,6 +275,7 @@ private function generateRedirect(?string $redirectUrl): RedirectResponse {
* @return RedirectResponse
*/
#[UseSession]
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
public function tryLogin(Chain $loginChain,
string $user = '',
string $password = '',
Expand Down Expand Up @@ -352,13 +354,22 @@ private function createLoginFailedResponse(
}

/**
* Confirm the user password
*
* @NoAdminRequired
* @BruteForceProtection(action=sudo)
*
* @license GNU AGPL version 3 or any later version
*
* @param string $password The password of the user
*
* @return DataResponse<Http::STATUS_OK, array{lastLogin: int}, array{}>|DataResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
*
* 200: Password confirmation succeeded
* 403: Password confirmation failed
*/
#[UseSession]
#[NoCSRFRequired]
public function confirmPassword(string $password): DataResponse {
$loginName = $this->userSession->getLoginName();
$loginResult = $this->userManager->checkPassword($loginName, $password);
Expand Down
57 changes: 57 additions & 0 deletions core/openapi.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -919,6 +919,63 @@
}
}
},
"/index.php/login/confirm": {
"post": {
"operationId": "login-confirm-password",
"summary": "Confirm the user password",
"tags": [
"login"
],
"security": [
{
"bearer_auth": []
},
{
"basic_auth": []
}
],
"parameters": [
{
"name": "password",
"in": "query",
"description": "The password of the user",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "Password confirmation succeeded",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"lastLogin"
],
"properties": {
"lastLogin": {
"type": "integer",
"format": "int64"
}
}
}
}
}
},
"403": {
"description": "Password confirmation failed",
"content": {
"application/json": {
"schema": {}
}
}
}
}
}
},
"/index.php/login/v2/poll": {
"post": {
"operationId": "client_flow_login_v2-poll",
Expand Down

0 comments on commit d95e500

Please sign in to comment.