Set last-password-confirmation for setup

Else you have to enter your password directly after setup if you do anything admin worthy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
6 years ago · c106a9d293
1 changed files with 4 additions and 0 deletions
--- a/lib/private/Setup.php
+++ b/lib/private/Setup.php
@ -49,6 +49,7 @@ use OC\Authentication\Token\DefaultTokenCleanupJob;
 use OC\Authentication\Token\DefaultTokenProvider;
 use OC\Log\Rotate;
 use OC\Preview\BackgroundCleanupJob;
+use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Defaults;
 use OCP\IGroup;
 use OCP\IL10N;
@ -421,6 +422,9 @@ class Setup {
 			$userSession->login($username, $password);
 			$userSession->createSessionToken($request, $userSession->getUser()->getUID(), $username, $password);

+			$session = $userSession->getSession();
+			$session->set('last-password-confirm', \OC::$server->query(ITimeFactory::class)->getTime());
+
 			// Set email for admin
 			if (!empty($options['adminemail'])) {
 				$config->setUserValue($user->getUID(), 'settings', 'email', $options['adminemail']);