From 09c7f0a6d1b730847e38a731fe2ef43a98c0ecb5 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 27 Mar 2014 17:02:08 -0500
Subject: [PATCH] Keep session after change of email address

---
 include/class.auth.php        | 13 +++++++------
 include/class.usersession.php |  2 +-
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/include/class.auth.php b/include/class.auth.php
index 816930400..ebf76b2a8 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -523,7 +523,7 @@ abstract class UserAuthenticationBackend  extends AuthenticationBackend {
     }
 
     protected function getAuthKey($user) {
-        return  $user->getUsername();
+        return  $user->getId();
     }
 
     static function getUser() {
@@ -546,12 +546,13 @@ abstract class UserAuthenticationBackend  extends AuthenticationBackend {
         return $user;
     }
 
-    protected function validate($username) {
-        if (!($acct = ClientAccount::lookupByUsername($username)))
-            return;
+    protected function validate($userid) {
+        if (!($user = User::lookup($userid)))
+            return false;
+        elseif (!$user->getAccount())
+            return false;
 
-        if (($client = new ClientSession(new EndUser($acct->getUser()))) && $client->getId())
-            return $client;
+        return new ClientSession(new EndUser($user));
     }
 }
 
diff --git a/include/class.usersession.php b/include/class.usersession.php
index 31c4ce058..9e7fd277b 100644
--- a/include/class.usersession.php
+++ b/include/class.usersession.php
@@ -120,7 +120,7 @@ class ClientSession extends EndUser {
         parent::__construct($user);
         $this->token = &$_SESSION[':token']['client'];
         // XXX: Change the key to user-id
-        $this->session= new UserSession($user->getUserName());
+        $this->session= new UserSession($user->getId());
     }
 
     function isValid(){
-- 
GitLab