DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-09 23:24:06 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Fix for session fixation vulnerability

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2020-05-12 10:31:54 -07:00
parent 7fb3a9b82c
commit 0550fe0ffa
No known key found for this signature in database
GPG key ID: 10BFFDA3ED34B5AC
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Http/Controllers/Auth/LoginController.php
View file

@ -303,8 +303,8 @@ class LoginController extends Controller
*/ */
public function logout(Request $request) public function logout(Request $request)
{ {
$request->session()->forget('2fa_authed');
$request->session()->regenerate(true);
Auth::logout(); Auth::logout();
$settings = Setting::getSettings(); $settings = Setting::getSettings();