wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

regenerate session id on successful login, fixes integration test

Browse source 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2016-12-01 14:06:22 +01:00
parent 7b3fdfeeaa
commit 50844e8c47
No known key found for this signature in database
GPG key ID: 7424F1874854DF23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/private/User/Session.php
View file

@ -339,6 +339,8 @@ class Session implements IUserSession, Emitter {
throw new LoginException($message);
}
$this->session->regenerateId();
$this->setUser($user);
$this->setLoginName($loginDetails['loginName']);
@ -560,6 +562,8 @@ class Session implements IUserSession, Emitter {
// Ignore and use empty string instead
}
$this->manager->emit('\OC\User', 'preLogin', array($uid, $password));
$user = $this->manager->get($uid);
if (is_null($user)) {
// user does not exist