mirror of https://github.com/MISP/MISP
fix: [session] Fix to automatic session destruction in previous attempt to fix the overflow of API sessions
parent
d6fc4272ad
commit
75dcaa14e0
|
@ -50,6 +50,7 @@ class AppController extends Controller
|
|||
public $pyMispVersion = '2.4.106';
|
||||
public $phpmin = '7.0';
|
||||
public $phprec = '7.2';
|
||||
public $isApiAuthed = false;
|
||||
|
||||
public $baseurl = '';
|
||||
public $sql_dump = false;
|
||||
|
@ -251,6 +252,7 @@ class AppController extends Controller
|
|||
}
|
||||
$this->Session->renew();
|
||||
$this->Session->write(AuthComponent::$sessionKey, $user['User']);
|
||||
$this->isApiAuthed = true;
|
||||
} else {
|
||||
// User not authenticated correctly
|
||||
// reset the session information
|
||||
|
@ -502,7 +504,7 @@ class AppController extends Controller
|
|||
$this->Log = ClassRegistry::init('Log');
|
||||
echo json_encode($this->Log->getDataSource()->getLog(false, false), JSON_PRETTY_PRINT);
|
||||
}
|
||||
if ($this->_isRest()) {
|
||||
if ($this->isApiAuthed && $this->_isRest()) {
|
||||
session_destroy();
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue