Bugfix session handling #6

noris-network · Nov 7, 2016 · 84949eb · 84949eb
1 parent 2d0e78c
commit 84949eb
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/AuthRemoteuser.body.php b/AuthRemoteuser.body.php
@@ -59,7 +59,8 @@ public function provideSessionInfo(WebRequest $request)
     {
         // Have a session ID?
         $id = $this->getSessionIdFromCookie($request);
-        if (null === $id) {
+        // #6 assign a new sessionid if the id is null or if the session is no longer valid
+        if ((null === $id)||(!MediaWiki\Session\SessionManager::singleton()->getSessionById($id))) {
             $username = $this->getRemoteUsername();
             $sessionInfo = $this->newSessionForRequest($username, $request);