Other solutions for nextcloud auto login #1247 due to a TOTP conflict

2024-12-26 09:03:48 +08:00 · 2023-10-02 15:51:19 +02:00 · 2023-10-02 15:51:19 +02:00 · 26b7abf893
commit 26b7abf893
parent 31d50cf67e
6 changed files with 17 additions and 18 deletions
--- a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
+++ b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
@ -80,12 +80,13 @@ class SnappyMailHelper
 				if ($doLogin && $aCredentials[1] && $aCredentials[2]) {
 					try {
 						$oActions->Logger()->AddSecret($aCredentials[2]);
-
-						$bSignMe = $oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DEFAULT_OFF) === \RainLoop\Enumerations\SignMeType::DEFAULT_ON;
-						$oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2], $bSignMe);
+						$oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]);
 						if ($oAccount) {
 							$oActions->Plugins()->RunHook('login.success', array($oAccount));
 							$oActions->SetAuthToken($oAccount);
+							if ($oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DEFAULT_OFF) === \RainLoop\Enumerations\SignMeType::DEFAULT_ON) {
+								$oActions->SetSignMeToken($oAccount);
+							}
 						}
 					} catch (\Throwable $e) {
 						// Login failure, reset password to prevent more attempts
--- a/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php
+++ b/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php
@ -137,7 +137,7 @@ class SnappyMailHelper
 */
 				if ($doLogin && $aCredentials[1] && $aCredentials[2]) {
 					$oActions->Logger()->AddSecret($aCredentials[2]);
-					$oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2], false);
+					$oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]);
 					if ($oAccount) {
 						$oActions->Plugins()->RunHook('login.success', array($oAccount));
 						$oActions->SetAuthToken($oAccount);
--- a/plugins/login-oauth2/index.php
+++ b/plugins/login-oauth2/index.php
@ -89,7 +89,7 @@ class LoginOAuth2Plugin extends \RainLoop\Plugins\AbstractPlugin
 		$iErrorCode = \RainLoop\Notifications::UnknownError;
 		try
 		{
-			$oAccount = $oActions->LoginProcess($sEmail, $sPassword, '', '', false, true);
+			$oAccount = $oActions->LoginProcess($sEmail, $sPassword);
 			if ($oAccount instanceof \RainLoop\Model\Account) {
 				$oActions->AuthToken($oAccount);
 				$iErrorCode = 0;
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php
@ -93,7 +93,7 @@ trait Accounts
 		}

 		if ($bNew || $sPassword) {
-			$oNewAccount = $this->LoginProcess($sEmail, $sPassword, false, false);
+			$oNewAccount = $this->LoginProcess($sEmail, $sPassword, false);
 			$aAccounts[$sEmail] = $oNewAccount->asTokenArray($oMainAccount);
 		} else {
 			$aAccounts[$sEmail] = \RainLoop\Model\AdditionalAccount::convertArray($aAccounts[$sEmail]);
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php
@ -36,18 +36,18 @@ trait User
 	{
 		$sEmail = \MailSo\Base\Utils::Trim($this->GetActionParam('Email', ''));
 		$sPassword = $this->GetActionParam('Password', '');
-		$bSignMe = !empty($this->GetActionParam('signMe', 0));

 		$this->logMask($sPassword);

 		try {
-			$oAccount = $this->LoginProcess($sEmail, $sPassword, $bSignMe);
+			$oAccount = $this->LoginProcess($sEmail, $sPassword);
 		} catch (\Throwable $oException) {
 			$this->loginErrorDelay();
 			throw $oException;
 		}

 		$this->SetAuthToken($oAccount);
+		empty($this->GetActionParam('signMe', 0)) || $this->SetSignMeToken($oAccount);

 		$this->Plugins()->RunHook('login.success', array($oAccount));

--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php
@ -113,7 +113,7 @@ trait UserAuth
 	/**
 	 * @throws \RainLoop\Exceptions\ClientException
 	 */
-	public function LoginProcess(string &$sEmail, string &$sPassword, bool $bSignMe = false, bool $bMainAccount = true): Account
+	public function LoginProcess(string &$sEmail, string &$sPassword, bool $bMainAccount = true): Account
 	{
 		$sInputEmail = $sEmail;

@ -139,14 +139,6 @@ trait UserAuth

 		$this->imapConnect($oAccount, true);
 		if ($bMainAccount) {
-			if($bSignMe){
-				// SetAuthToken token needs to be called before SetSignMeToken
-				// because $_COOKIE['smctoken'] is used by Crypt::Passphrase.
-				// If the $_COOKIE['smctoken'] is not set then SetSignMeToken
-				// throws an exception
-				$this->SetAuthToken($oAccount);
-				$this->SetSignMeToken($oAccount);
-			}
 			$this->StorageProvider()->Put($oAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true');
 		}

@ -334,8 +326,14 @@ trait UserAuth
 		return null;
 	}

-	private function SetSignMeToken(MainAccount $oAccount): void
+	public function SetSignMeToken(MainAccount $oAccount): void
 	{
+		// SetAuthToken token needs to be called first
+		// because $_COOKIE['smctoken'] is used by Crypt::Passphrase.
+		// If the $_COOKIE['smctoken'] is not set then SetSignMeToken
+		// throws an exception
+//		$this->SetAuthToken($oAccount);
+
 		$this->ClearSignMeData();
 		$uuid = \SnappyMail\UUID::generate();
 		$data = \SnappyMail\Crypt::Encrypt($oAccount);