Allow updating the token on session regeneration

Sometimes when we force a session regeneration we want to update the current token for this session. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
author: Roeland Jago Douma <roeland@famdouma.nl> 2018-06-11 10:45:19 +0200
committer: Roeland Jago Douma <roeland@famdouma.nl> 2018-06-14 08:09:36 +0200
commit: 8c47a632e0afc5b38093818f70dcf4cdead42b4d (patch)
tree: b28f4dd055fae30ab2688f63ebe6eae00fa5f867 /lib/private/User
parent: 479e31997f0ecde8d3cf59cc54c5f8ac4b1f80d8 (diff)
download: nextcloud-server-8c47a632e0afc5b38093818f70dcf4cdead42b4d.tar.gz
nextcloud-server-8c47a632e0afc5b38093818f70dcf4cdead42b4d.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 5d8455fb5f7..ee1439b9e20 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -626,6 +626,8 @@ class Session implements IUserSession, Emitter {
 		try {
 			$sessionId = $this->session->getId();
 			$pwd = $this->getPassword($password);
+			// Make sure the current sessionId has no leftover tokens
+			$this->tokenProvider->invalidateToken($sessionId);
 			$this->tokenProvider->generateToken($sessionId, $uid, $loginName, $pwd, $name, IToken::TEMPORARY_TOKEN, $remember);
 			return true;
 		} catch (SessionNotAvailableException $ex) {
author	Roeland Jago Douma <roeland@famdouma.nl>	2018-06-11 10:45:19 +0200
committer	Roeland Jago Douma <roeland@famdouma.nl>	2018-06-14 08:09:36 +0200
commit	8c47a632e0afc5b38093818f70dcf4cdead42b4d (patch)
tree	b28f4dd055fae30ab2688f63ebe6eae00fa5f867 /lib/private/User
parent	479e31997f0ecde8d3cf59cc54c5f8ac4b1f80d8 (diff)
download	nextcloud-server-8c47a632e0afc5b38093818f70dcf4cdead42b4d.tar.gz nextcloud-server-8c47a632e0afc5b38093818f70dcf4cdead42b4d.zip