upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-21 06:08:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14

Merge pull request #33772 from nextcloud/debug/remember-me-login-token-mispatch-session-unavailable

Browse source
This commit is contained in:
Julius Härtl 2022-09-01 08:49:56 +02:00 committed by GitHub
commit affa402d21
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/private/User/Session.php
View file

@ -865,6 +865,10 @@ class Session implements IUserSession, Emitter {
$tokens = $this->config->getUserKeys($uid, 'login_token');
// test cookies token against stored tokens
if (!in_array($currentToken, $tokens, true)) {
$this->logger->error('Tried to log in {uid} but could not verify token', [
'app' => 'core',
'uid' => $uid,
]);
return false;
}
// replace successfully used token with a new one
@ -876,6 +880,10 @@ class Session implements IUserSession, Emitter {
$sessionId = $this->session->getId();
$token = $this->tokenProvider->renewSessionToken($oldSessionId, $sessionId);
} catch (SessionNotAvailableException $ex) {
$this->logger->warning('Could not renew session token for {uid} because the session is unavailable', [
'app' => 'core',
'uid' => $uid,
]);
return false;
} catch (InvalidTokenException $ex) {
$this->logger->warning('Renewing session token failed', ['app' => 'core']);