mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 993 Wiki Activity
Browse Source

Fix duplicate session token after remembered login 

On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
tags/v13.0.0beta1
Christoph Wurst 6 years ago
parent
8358c63f53
commit
38bb6e1477
No account linked to committer's email address
2 changed files with 9 additions and 0 deletions
Split View Show Diff Stats
  1. 1
    0
      lib/private/Authentication/Token/DefaultTokenProvider.php
  2. 8
    0
      tests/lib/Authentication/Token/DefaultTokenProviderTest.php

+ 1
- 0
lib/private/Authentication/Token/DefaultTokenProvider.php View File

@@ -195,6 +195,7 @@ class DefaultTokenProvider implements IProvider {
$newToken->setRemember($token->getRemember());
$newToken->setLastActivity($this->time->getTime());
$this->mapper->insert($newToken);
$this->mapper->delete($token);
}

/**

+ 8
- 0
tests/lib/Authentication/Token/DefaultTokenProviderTest.php View File

@@ -318,6 +318,10 @@ class DefaultTokenProviderTest extends TestCase {
->expects($this->at(1))
->method('insert')
->with($newToken);
$this->mapper
->expects($this->at(2))
->method('delete')
->with($token);

$this->tokenProvider->renewSessionToken('oldId', 'newId');
}
@@ -384,6 +388,10 @@ class DefaultTokenProviderTest extends TestCase {
->expects($this->at(1))
->method('insert')
->with($this->equalTo($newToken));
$this->mapper
->expects($this->at(2))
->method('delete')
->with($token);

$this->tokenProvider->renewSessionToken('oldId', 'newId');
}

Write Preview
Loading…
Cancel
Save