summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/Controller/ClientFlowLoginController.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 891910b8d09..f18af83a9c7 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -192,11 +192,13 @@ class ClientFlowLoginController extends Controller {
* @return Http\RedirectResponse|Response
*/
public function generateAppPassword($stateToken) {
- $this->session->remove(self::stateName);
if(!$this->isValidToken($stateToken)) {
+ $this->session->remove(self::stateName);
return $this->stateTokenForbiddenResponse();
}
+ $this->session->remove(self::stateName);
+
try {
$sessionId = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 16:50:40 +0000