Fix missing login hook wih Apache/SAML

Without this patch the hook does not transport the information whether the login is done with an app password or not. The suspicious login app requires the parameter to function correctly, hence adding it will make suspicious login detection also possible with SAML users. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
6 years ago · 7d1fc2b8e8
1 changed files with 9 additions and 1 deletions
--- a/lib/private/legacy/user.php
+++ b/lib/private/legacy/user.php
@ -181,7 +181,15 @@ class OC_User {
 				// completed before we can safely create the users folder.
 				// For example encryption needs to initialize the users keys first
 				// before we can create the user folder with the skeleton files
-				OC_Hook::emit("OC_User", "post_login", array("uid" => $uid, 'password' => ''));
+				OC_Hook::emit(
+					'OC_User',
+					'post_login',
+					[
+						'uid' => $uid,
+						'password' => '',
+						'isTokenLogin' => false,
+					]
+				);
 				//trigger creation of user home and /files folder
 				\OC::$server->getUserFolder($uid);
 			}