fix: [user creation] Don't create an advanced authkey by default when creating a new user

- nobody will see the initial key, users can always create API keys for themselves
2021-11-18 23:04:32 +01:00 · 2021-11-18 23:04:32 +01:00 · 606962b21b
parent 96f6b5cd4d
commit 606962b21b
1 changed files with 1 additions and 1 deletions
--- a/app/Controller/UsersController.php
+++ b/app/Controller/UsersController.php
@ -741,7 +741,7 @@ class UsersController extends AppController
                                $notification_message .= ' ' . __('User notification of new credentials could not be send.');
                            }
                        }
-                        if (!empty(Configure::read('Security.advanced_authkeys'))) {
+                        if (!empty(Configure::read('Security.advanced_authkeys')) && $this->_isRest()) {
                            $this->loadModel('AuthKey');
                            $newKey = $this->AuthKey->createnewkey($this->User->id);
                        }