Merge pull request #51879 from nextcloud/backport/51870/stable30

[stable30] fix: Use login name to check the password

Author: susnux

lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php

@@ -80,7 +80,8 @@ public function beforeController(Controller $controller, string $methodName) {
 		if ($this->isPasswordConfirmationStrict($reflectionMethod)) {
 			$authHeader = $this->request->getHeader('Authorization');
 			[, $password] = explode(':', base64_decode(substr($authHeader, 6)), 2);
-			$loginResult = $this->userManager->checkPassword($user->getUid(), $password);
+			$loginName = $this->session->get('loginname');
+			$loginResult = $this->userManager->checkPassword($loginName, $password);
 			if ($loginResult === false) {
 				throw new NotConfirmedException();
 			}