diff options
| author | Christoph Wurst <christoph@owncloud.com> | 2016-05-17 10:07:58 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@owncloud.com> | 2016-05-23 10:32:16 +0200 |
| commit | c20cdc2213f99c6faa500e908b13fed8d0bbe5a1 (patch) | |
| tree | ea544026583faa49857b62442de70bad3042e386 /lib | |
| parent | dec3f9ebcbdeacf5bc483df93900b157a1a5e546 (diff) | |
| download | nextcloud-server-c20cdc2213f99c6faa500e908b13fed8d0bbe5a1.tar.gz nextcloud-server-c20cdc2213f99c6faa500e908b13fed8d0bbe5a1.zip | |
invalidate user session if the user is disabled
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/User/Session.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 7104f46fea2..138e17bba9b 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -206,7 +206,7 @@ class Session implements IUserSession, Emitter { return; } - // Check whether login credentials are still valid + // Check whether login credentials are still valid and the user was not disabled // This check is performed each 5 minutes $lastCheck = $this->session->get('last_login_check') ? : 0; $now = $this->timeFacory->getTime(); @@ -219,8 +219,9 @@ class Session implements IUserSession, Emitter { return; } - if ($this->manager->checkPassword($user->getUID(), $pwd) === false) { - // Password has changed -> log user out + if ($this->manager->checkPassword($user->getUID(), $pwd) === false + || !$user->isEnabled()) { + // Password has changed or user was disabled -> log user out $this->logout(); return; } |