fix: handle IDLE timeout

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
11 months ago · fa7310add9
parent 6bfdcc9402
commit fa7310add9
3 changed files with 22 additions and 1 deletions
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@ -17,6 +17,7 @@ use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\ContentSecurityPolicy;
@ -214,6 +215,7 @@ class ClientFlowLoginController extends Controller {

 	#[NoAdminRequired]
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	#[FrontpageRoute(verb: 'POST', url: '/login/flow')]
 	public function generateAppPassword(
 		string $stateToken,
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@ -19,6 +19,7 @@ use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\JSONResponse;
@ -228,6 +229,7 @@ class ClientFlowLoginV2Controller extends Controller {

 	#[NoAdminRequired]
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	#[FrontpageRoute(verb: 'POST', url: '/login/v2/grant')]
 	public function generateAppPassword(?string $stateToken): Response {
 		if ($stateToken === null) {
--- a/core/js/login/grant.js
+++ b/core/js/login/grant.js
@ -2,11 +2,28 @@
 * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
-document.querySelector('form').addEventListener('submit', function(e) {
+
+const form = document.querySelector('form')
+form.addEventListener('submit', function(event) {
 	const wrapper = document.getElementById('submit-wrapper')
 	if (wrapper === null) {
 		return
 	}
+
+	if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+		// stop the event
+		event.preventDefault()
+		event.stopPropagation()
+
+		// handle password confirmation
+		OC.PasswordConfirmation.requirePasswordConfirmation(function () {
+			// when password is confirmed we submit the form
+			form.submit()
+		})
+
+		return false
+	}
+
 	Array.from(wrapper.getElementsByClassName('icon-confirm-white')).forEach(function(el) {
 		el.classList.remove('icon-confirm-white')
 		el.classList.add(OCA.Theming && OCA.Theming.inverted ? 'icon-loading-small' : 'icon-loading-small-dark')