From 1baa2b8deb658b888614bbbb16f64ec22309612a Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Wed, 16 Nov 2016 19:21:00 +0100
Subject: [PATCH] Move OC\OCS\Person to OCSController

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 core/Controller/OCSController.php | 39 ++++++++++++++++++++++++-
 core/routes.php                   |  1 +
 lib/private/OCS/Person.php        | 48 -------------------------------
 ocs/routes.php                    |  8 ------
 4 files changed, 39 insertions(+), 57 deletions(-)
 delete mode 100644 lib/private/OCS/Person.php

diff --git a/core/Controller/OCSController.php b/core/Controller/OCSController.php
index 13cc4d8ce2c..27ab9deb08a 100644
--- a/core/Controller/OCSController.php
+++ b/core/Controller/OCSController.php
@@ -22,8 +22,10 @@
 namespace OC\Core\Controller;
 
 use OC\CapabilitiesManager;
+use OC\Security\Bruteforce\Throttler;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IRequest;
+use OCP\IUserManager;
 use OCP\IUserSession;
 
 class OCSController extends \OCP\AppFramework\OCSController {
@@ -34,6 +36,12 @@ class OCSController extends \OCP\AppFramework\OCSController {
 	/** @var IUserSession */
 	private $userSession;
 
+	/** @var IUserManager */
+	private $userManager;
+
+	/** @var Throttler */
+	private $throttler;
+
 	/**
 	 * OCSController constructor.
 	 *
@@ -41,15 +49,21 @@ class OCSController extends \OCP\AppFramework\OCSController {
 	 * @param IRequest $request
 	 * @param CapabilitiesManager $capabilitiesManager
 	 * @param IUserSession $userSession
+	 * @param IUserManager $userManager
+	 * @param Throttler $throttler
 	 */
 	public function __construct($appName,
 								IRequest $request,
 								CapabilitiesManager $capabilitiesManager,
-								IUserSession $userSession) {
+								IUserSession $userSession,
+								IUserManager $userManager,
+								Throttler $throttler) {
 		parent::__construct($appName, $request);
 
 		$this->capabilitiesManager = $capabilitiesManager;
 		$this->userSession = $userSession;
+		$this->userManager = $userManager;
+		$this->throttler = $throttler;
 	}
 
 	/**
@@ -102,4 +116,27 @@ class OCSController extends \OCP\AppFramework\OCSController {
 		];
 		return new DataResponse($data);
 	}
+
+	/**
+	 * @PublicPage
+	 *
+	 * @param string $login
+	 * @param string $password
+	 * @return DataResponse
+	 */
+	public function personCheck($login = '', $password = '') {
+		if ($login !== '' && $password !== '') {
+			$this->throttler->sleepDelay($this->request->getRemoteAddress());
+			if ($this->userManager->checkPassword($login, $password)) {
+				return new DataResponse([
+					'person' => [
+						'personid' => $login
+					]
+				]);
+			}
+			$this->throttler->registerAttempt('login', $this->request->getRemoteAddress());
+			return new DataResponse(null, 102);
+		}
+		return new DataResponse(null, 101);
+	}
 }
diff --git a/core/routes.php b/core/routes.php
index c890d232cfe..2ddd77c1445 100644
--- a/core/routes.php
+++ b/core/routes.php
@@ -59,6 +59,7 @@ $application->registerRoutes($this, [
 		['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
 		['root' => '/cloud', 'name' => 'OCS#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
 		['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
+		['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
 	],
 ]);
 
diff --git a/lib/private/OCS/Person.php b/lib/private/OCS/Person.php
deleted file mode 100644
index d14465c5ce9..00000000000
--- a/lib/private/OCS/Person.php
+++ /dev/null
@@ -1,48 +0,0 @@
-<?php
-/**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Bart Visscher <bartv@thisnet.nl>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author Tom Needham <tom@owncloud.com>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-namespace OC\OCS;
-
-class Person {
-
-	public static function check() {
-		$login = isset($_POST['login']) ? $_POST['login'] : false;
-		$password = isset($_POST['password']) ? $_POST['password'] : false;
-		if($login && $password) {
-			$remoteIp = \OC::$server->getRequest()->getRemoteAddress();
-			\OC::$server->getBruteForceThrottler()->sleepDelay($remoteIp);
-			if(\OC_User::checkPassword($login, $password)) {
-				$xml['person']['personid'] = $login;
-				return new Result($xml);
-			} else {
-				\OC::$server->getBruteForceThrottler()->registerAttempt('login', $remoteIp);
-				return new Result(null, 102);
-			}
-		} else {
-			return new Result(null, 101);
-		}
-	}
-
-}
diff --git a/ocs/routes.php b/ocs/routes.php
index 3085cd9db65..932c4053013 100644
--- a/ocs/routes.php
+++ b/ocs/routes.php
@@ -29,14 +29,6 @@
 
 use OCP\API;
 
-// Person
-API::register(
-	'post',
-	'/person/check',
-	array('OC_OCS_Person', 'check'),
-	'core',
-	API::GUEST_AUTH
-	);
 // Privatedata
 API::register(
 	'get',
-- 
GitLab