Merge pull request #9515 from nextcloud/bugfix/noid/reset_session_when_auth_against_protected_share
Regenerate session id after public share auth
This commit is contained in:
commit
d4464cc3ef
|
@ -217,6 +217,7 @@ class ShareController extends Controller {
|
|||
private function linkShareAuth(\OCP\Share\IShare $share, $password = null) {
|
||||
if ($password !== null) {
|
||||
if ($this->shareManager->checkPassword($share, $password)) {
|
||||
$this->session->regenerateId();
|
||||
$this->session->set('public_link_authenticated', (string)$share->getId());
|
||||
} else {
|
||||
$this->emitAccessShareHook($share, 403, 'Wrong password');
|
||||
|
|
Loading…
Reference in New Issue