mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-24 05:04:07 -08:00
Fix for session fixation vulnerability
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
parent
7fb3a9b82c
commit
0550fe0ffa
|
@ -303,8 +303,8 @@ class LoginController extends Controller
|
||||||
*/
|
*/
|
||||||
public function logout(Request $request)
|
public function logout(Request $request)
|
||||||
{
|
{
|
||||||
$request->session()->forget('2fa_authed');
|
|
||||||
|
|
||||||
|
$request->session()->regenerate(true);
|
||||||
Auth::logout();
|
Auth::logout();
|
||||||
|
|
||||||
$settings = Setting::getSettings();
|
$settings = Setting::getSettings();
|
||||||
|
|
Loading…
Reference in a new issue