nextcloud · rullzer · Dec 7, 2020 · Dec 4, 2020 · Dec 4, 2020
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -825,8 +825,18 @@ public function tryTokenLogin(IRequest $request) {
 			return false;
 		}
 
-		// Set the session variable so we know this is an app password
-		$this->session->set('app_password', $token);
+		try {
+			$dbToken = $this->tokenProvider->getToken($token);
+		} catch (InvalidTokenException $e) {
+			// Can't really happen but better save than sorry
+			return true;
+		}
+
+		// Remember me tokens are not app_passwords
+		if ($dbToken->getRemember() === IToken::DO_NOT_REMEMBER) {
+			// Set the session variable so we know this is an app password
+			$this->session->set('app_password', $token);
+		}
 
 		return true;
 	}