diff options
| author | Git'Fellow <12234510+solracsf@users.noreply.github.com> | 2024-01-06 09:03:59 +0100 |
|---|---|---|
| committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2024-01-17 09:17:23 +0100 |
| commit | 72e0618f20ff290f28762b24a0b651075a6cd24c (patch) | |
| tree | 958ca3a2462d457cf454af56333fcf82fdfacb03 /lib/private/User | |
| parent | ad12af8d06dfffe3e8d6b4a255aa96fc2c719136 (diff) | |
| download | nextcloud-server-72e0618f20ff290f28762b24a0b651075a6cd24c.tar.gz nextcloud-server-72e0618f20ff290f28762b24a0b651075a6cd24c.zip | |
fix(session): Avoid two useless authtoken DB queries for every anonymous request
Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib/private/User')
| -rw-r--r-- | lib/private/User/Session.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 02a7a7e9e16..772a4103490 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -842,13 +842,16 @@ class Session implements IUserSession, Emitter { $authHeader = $request->getHeader('Authorization'); if (str_starts_with($authHeader, 'Bearer ')) { $token = substr($authHeader, 7); - } else { - // No auth header, let's try session id + } elseif ($request->getCookie($this->config->getSystemValueString('instanceid')) !== null) { + // No auth header, let's try session id, but only if this is an existing + // session and the request has a session cookie try { $token = $this->session->getId(); } catch (SessionNotAvailableException $ex) { return false; } + } else { + return false; } if (!$this->loginWithToken($token)) { |