fixes deleteSession API removes browser's cookieFallback #1193
This commit is contained in:
parent
33aaa5c1ef
commit
59338afb40
|
@ -1272,16 +1272,16 @@ App::delete('/v1/account/sessions/:sessionId')
|
||||||
->setParam('resource', '/user/'.$user->getId())
|
->setParam('resource', '/user/'.$user->getId())
|
||||||
;
|
;
|
||||||
|
|
||||||
if (!Config::getParam('domainVerification')) {
|
|
||||||
$response
|
|
||||||
->addHeader('X-Fallback-Cookies', \json_encode([]))
|
|
||||||
;
|
|
||||||
}
|
|
||||||
|
|
||||||
$session->setAttribute('current', false);
|
$session->setAttribute('current', false);
|
||||||
|
|
||||||
if ($session->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
|
if ($session->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
|
||||||
$session->setAttribute('current', true);
|
$session->setAttribute('current', true);
|
||||||
|
|
||||||
|
if (!Config::getParam('domainVerification')) {
|
||||||
|
$response
|
||||||
|
->addHeader('X-Fallback-Cookies', \json_encode([]))
|
||||||
|
;
|
||||||
|
}
|
||||||
|
|
||||||
$response
|
$response
|
||||||
->addCookie(Auth::$cookieName.'_legacy', '', \time() - 3600, '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
|
->addCookie(Auth::$cookieName.'_legacy', '', \time() - 3600, '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
|
||||||
|
|
Loading…
Reference in a new issue