Get password from session if not given when joining room

Signed-off-by: Joas Schilling <[email protected]>
nextcloud · nickvergessen · Aug 28, 2019 · Jun 27, 2019 · Aug 26, 2019 · Aug 27, 2019
commit ee0e77f48f533f8ab9f0faa8eb181dd45124e3f5
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php
@@ -160,8 +160,6 @@ public function index(string $token = '', string $callUser = '', string $passwor
 				$token = '';
 			}
 
-			$this->talkSession->removePasswordForRoom($token);
-
 			if ($room instanceof Room && $room->hasPassword()) {
 				// If the user joined themselves or is not found, they need the password.
 				try {
@@ -172,12 +170,14 @@ public function index(string $token = '', string $callUser = '', string $passwor
 				}
 
 				if ($requirePassword) {
+					$password = $password !== '' ? $password : (string) $this->talkSession->getPasswordForRoom($token);
 
 					$passwordVerification = $room->verifyPassword($password);
 
 					if ($passwordVerification['result']) {
-						$this->talkSession->setPasswordForRoom($token, $token);
+						$this->talkSession->setPasswordForRoom($token, $password);
 					} else {
+						$this->talkSession->removePasswordForRoom($token);
 						if ($passwordVerification['url'] === '') {
 							return new TemplateResponse($this->appName, 'authenticate', [
 								'wrongpw' => $password !== '',
@@ -226,13 +226,14 @@ protected function guestEnterRoom(string $token, string $password): Response {
 			]));
 		}
 
-		$this->talkSession->removePasswordForRoom($token);
 		if ($room->hasPassword()) {
-			$passwordVerification = $room->verifyPassword($password);
+			$password = $password !== '' ? $password : (string) $this->talkSession->getPasswordForRoom($token);
 
+			$passwordVerification = $room->verifyPassword($password);
 			if ($passwordVerification['result']) {
-				$this->talkSession->setPasswordForRoom($token, $token);
+				$this->talkSession->setPasswordForRoom($token, $password);
 			} else {
+				$this->talkSession->removePasswordForRoom($token);
 				if ($passwordVerification['url'] === '') {
 					return new TemplateResponse($this->appName, 'authenticate', [
 						'wrongpw' => $password !== '',

diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php
@@ -879,10 +879,11 @@ public function joinRoom(string $token, string $password = ''): DataResponse {
 
 		$user = $this->userManager->get($this->userId);
 		try {
+			$result = $room->verifyPassword((string) $this->session->getPasswordForRoom($token));
 			if ($user instanceof IUser) {
-				$newSessionId = $room->joinRoom($user, $password, $this->session->getPasswordForRoom($token) === $room->getToken());
+				$newSessionId = $room->joinRoom($user, $password, $result['result']);
 			} else {
-				$newSessionId = $room->joinRoomGuest($password, $this->session->getPasswordForRoom($token) === $room->getToken());
+				$newSessionId = $room->joinRoomGuest($password, $result['result']);
 			}
 		} catch (InvalidPasswordException $e) {
 			return new DataResponse([], Http::STATUS_FORBIDDEN);