daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 22:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

aio-interface: preserve old PHPSESSID session during cookie migration to survive 502s on mastercontainer update (#7971)

Browse Source
This commit is contained in:
Simon L.
2026-04-21 17:55:54 +02:00
committed by GitHub
parent 45a1cd73b6 301f42d2a0
commit 8de44cf6aa
2 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
php/src/Auth/AuthManager.php
View File

@@ -42,6 +42,18 @@ readonly class AuthManager {
$_SESSION[self::SESSION_KEY] = $isLoggedIn;
}
/**
* Migrates the authenticated state from an old session (different cookie name) to the new session.
* Unlike SetAuthState, this method preserves the original login timestamp and does not update
* the session_date_file, so the session deduplicator is not triggered. This keeps the old session
* file alive in case the response carrying the new cookie is lost (e.g., due to a 502 error during
* a mastercontainer update), allowing the client to retry with the old cookie.
*/
public function MigrateAuthState(int $oldTimestamp) : void {
$_SESSION[self::SESSION_KEY] = true;
$_SESSION['date_time'] = $oldTimestamp;
}
public function IsAuthenticated() : bool {
return isset($_SESSION[self::SESSION_KEY]) && $_SESSION[self::SESSION_KEY] === true;
}