diff options
| author | Stephane Martin <stephane.martin@vesperal.eu> | 2013-08-26 15:16:41 +0200 |
|---|---|---|
| committer | Stephane Martin <stephane.martin@vesperal.eu> | 2013-08-26 15:16:41 +0200 |
| commit | 81a45cfcf1c7064615429bb3f9759e9455868614 (patch) | |
| tree | 593ffe39e736ebc3dc0e008a4e33affeed1ac14e /lib | |
| parent | 29c28a45cacebfcca7df7577334e76da001f2eb1 (diff) | |
| download | nextcloud-server-81a45cfcf1c7064615429bb3f9759e9455868614.tar.gz nextcloud-server-81a45cfcf1c7064615429bb3f9759e9455868614.zip | |
fixes #4574
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/base.php b/lib/base.php index 2613e88d053..c73eb9413d6 100644 --- a/lib/base.php +++ b/lib/base.php @@ -795,11 +795,16 @@ class OC { ) { return false; } - OC_App::loadApps(array('authentication')); - if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { - //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); - OC_User::unsetMagicInCookie(); - $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister(); + // don't redo authentication if user is already logged in + // otherwise session would be invalidated in OC_User::login with + // session_regenerate_id at every page load + if (!OC_User::isLoggedIn()) { + OC_App::loadApps(array('authentication')); + if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { + //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); + OC_User::unsetMagicInCookie(); + $_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister(); + } } return true; } |