diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2016-01-04 15:00:58 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2016-01-04 15:09:01 +0100 |
| commit | fec41e753926b9f98a554b99dc66b6dd7a0c96a3 (patch) | |
| tree | c12929701b7e8c5cc7032be5cec9a3164a29ebd1 /lib/private/user.php | |
| parent | ebc52300e752c68b3f6dcc822894ad1ab85f0999 (diff) | |
| download | nextcloud-server-fec41e753926b9f98a554b99dc66b6dd7a0c96a3.tar.gz nextcloud-server-fec41e753926b9f98a554b99dc66b6dd7a0c96a3.zip | |
Move regeneration of session ID into session classes
There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
Diffstat (limited to 'lib/private/user.php')
| -rw-r--r-- | lib/private/user.php | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/lib/private/user.php b/lib/private/user.php index cfa60d675fe..fa1cea9072f 100644 --- a/lib/private/user.php +++ b/lib/private/user.php @@ -162,7 +162,6 @@ class OC_User { * Log in a user and regenerate a new session - if the password is ok */ public static function login($loginname, $password) { - session_regenerate_id(true); $result = self::getUserSession()->login($loginname, $password); if ($result) { //we need to pass the user name, which may differ from login name |