diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-01-23 10:12:01 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-23 10:12:01 +0100 |
| commit | f2b118a2561952663a9040e2909ff9d20ea60ffc (patch) | |
| tree | cdeaf145eeb70bb9d3d81e92bbafeccfed26216b /core | |
| parent | 308d5d54def17c4b34b96c97d51d714b1da5f48d (diff) | |
| parent | e6333c8fe389aca4e1e8349f276de0058c20c6bb (diff) | |
| download | nextcloud-server-f2b118a2561952663a9040e2909ff9d20ea60ffc.tar.gz nextcloud-server-f2b118a2561952663a9040e2909ff9d20ea60ffc.zip | |
Merge pull request #13747 from nextcloud/fix/honor_session_lifetime_if_remember_cookie_is_disabled
Honor remember_login_cookie_lifetime
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/LoginController.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 40e13b43c80..64899304d78 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -329,7 +329,14 @@ class LoginController extends Controller { // TODO: remove password checks from above and let the user session handle failures // requires https://github.com/owncloud/core/pull/24616 $this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]); - $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, IToken::REMEMBER); + + $tokenType = IToken::REMEMBER; + if ((int)$this->config->getSystemValue('remember_login_cookie_lifetime', 60*60*24*15) === 0) { + $remember_login = false; + $tokenType = IToken::DO_NOT_REMEMBER; + } + + $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, $tokenType); $this->userSession->updateTokens($loginResult->getUID(), $password); // User has successfully logged in, now remove the password reset link, when it is available |