Skip to content
Snippets Groups Projects
Commit c4bfb69f authored by Jared Hancock's avatar Jared Hancock
Browse files

Don't recreate session on login

parent dfaca0d4
No related branches found
No related tags found
No related merge requests found
...@@ -320,15 +320,6 @@ abstract class StaffAuthenticationBackend extends AuthenticationBackend { ...@@ -320,15 +320,6 @@ abstract class StaffAuthenticationBackend extends AuthenticationBackend {
$_SESSION['TZ_OFFSET'] = $staff->getTZoffset(); $_SESSION['TZ_OFFSET'] = $staff->getTZoffset();
$_SESSION['TZ_DST'] = $staff->observeDaylight(); $_SESSION['TZ_DST'] = $staff->observeDaylight();
//Regenerate session id.
$sid = session_id(); //Current id
session_regenerate_id(true);
// Destroy old session ID - needed for PHP version < 5.1.0
// DELME: remove when we move to php 5.3 as min. requirement.
if(($session=$ost->getSession()) && is_object($session)
&& $sid!=session_id())
$session->destroy($sid);
Signal::send('auth.login.succeeded', $staff); Signal::send('auth.login.succeeded', $staff);
$staff->cancelResetTokens(); $staff->cancelResetTokens();
...@@ -444,12 +435,6 @@ abstract class UserAuthenticationBackend extends AuthenticationBackend { ...@@ -444,12 +435,6 @@ abstract class UserAuthenticationBackend extends AuthenticationBackend {
$user->getUserName(), $user->getId(), $_SERVER['REMOTE_ADDR']); $user->getUserName(), $user->getId(), $_SERVER['REMOTE_ADDR']);
$ost->logDebug('User login', $msg); $ost->logDebug('User login', $msg);
//Regenerate session ID.
$sid=session_id(); //Current session id.
session_regenerate_id(TRUE); //get new ID.
if(($session=$ost->getSession()) && is_object($session) && $sid!=session_id())
$session->destroy($sid);
return true; return true;
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment