diff options
| author | Stephane Martin <stef.martin@gmail.com> | 2013-08-30 06:20:07 -0700 |
|---|---|---|
| committer | Stephane Martin <stef.martin@gmail.com> | 2013-08-30 06:20:07 -0700 |
| commit | 95f42d6544262f54fa3cb832ebd12b2bbc15f88f (patch) | |
| tree | 6e6d8a9655b43b1ab98e0cc2007894a9ce9ca9fe | |
| parent | bf6981312a48aa4ce7307cd7b11cf09250d8794e (diff) | |
| parent | 81a45cfcf1c7064615429bb3f9759e9455868614 (diff) | |
| download | nextcloud-server-95f42d6544262f54fa3cb832ebd12b2bbc15f88f.tar.gz nextcloud-server-95f42d6544262f54fa3cb832ebd12b2bbc15f88f.zip | |
Merge pull request #4578 from houbaastef/master
fixes #4574
| -rw-r--r-- | lib/base.php | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/base.php b/lib/base.php index c6e031e61d6..70333ecccb0 100644 --- a/lib/base.php +++ b/lib/base.php @@ -815,11 +815,16 @@ class OC { ) { return false; } - OC_App::loadApps(array('authentication')); - if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { - //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); - OC_User::unsetMagicInCookie(); - $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister(); + // don't redo authentication if user is already logged in + // otherwise session would be invalidated in OC_User::login with + // session_regenerate_id at every page load + if (!OC_User::isLoggedIn()) { + OC_App::loadApps(array('authentication')); + if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { + //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); + OC_User::unsetMagicInCookie(); + $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister(); + } } return true; } |