MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [session] Fix to automatic session destruction in previous attempt to fix the overflow of API sessions

pull/4734/head
iglocska 2019-06-07 08:49:30 +02:00
parent d6fc4272ad
commit 75dcaa14e0
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Controller/AppController.php
View File

@ -50,6 +50,7 @@ class AppController extends Controller
public $pyMispVersion = '2.4.106';
public $phpmin = '7.0';
public $phprec = '7.2';
public $isApiAuthed = false;
public $baseurl = '';
public $sql_dump = false;
@ -251,6 +252,7 @@ class AppController extends Controller
}
$this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user['User']);
$this->isApiAuthed = true;
} else {
// User not authenticated correctly
// reset the session information
@ -502,7 +504,7 @@ class AppController extends Controller
$this->Log = ClassRegistry::init('Log');
echo json_encode($this->Log->getDataSource()->getLog(false, false), JSON_PRETTY_PRINT);
}
if ($this->_isRest()) {
if ($this->isApiAuthed && $this->_isRest()) {
session_destroy();
}
}