From 2eadf9d567379e04a0dd8b483e6fe7e3e926716b Mon Sep 17 00:00:00 2001
From: Julius Härtl <jus@bitgrid.net>
Date: Tue, 21 Apr 2020 10:54:22 +0200
Subject: Do not create remember me cookie
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 lib/private/Authentication/Login/FinishRememberedLoginCommand.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'lib/private/Authentication/Login')

diff --git a/lib/private/Authentication/Login/FinishRememberedLoginCommand.php b/lib/private/Authentication/Login/FinishRememberedLoginCommand.php
index 1d33f103fdf..8f60c893ec5 100644
--- a/lib/private/Authentication/Login/FinishRememberedLoginCommand.php
+++ b/lib/private/Authentication/Login/FinishRememberedLoginCommand.php
@@ -26,18 +26,22 @@ declare(strict_types=1);
 namespace OC\Authentication\Login;
 
 use OC\User\Session;
+use OCP\IConfig;
 
 class FinishRememberedLoginCommand extends ALoginCommand {
 
 	/** @var Session */
 	private $userSession;
+	/** @var IConfig */
+	private $config;
 
-	public function __construct(Session $userSession) {
+	public function __construct(Session $userSession, IConfig $config) {
 		$this->userSession = $userSession;
+		$this->config = $config;
 	}
 
 	public function process(LoginData $loginData): LoginResult {
-		if ($loginData->isRememberLogin()) {
+		if ($loginData->isRememberLogin() && $this->config->getSystemValue('auto_logout', false) === false) {
 			$this->userSession->createRememberMeToken($loginData->getUser());
 		}
 
-- 
cgit v1.2.3