[Web] Fix oAuth logout after authentication (if enabled)

master
andryyy 2020-05-04 21:51:42 +02:00
parent caff918b69
commit 565feada7e
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 4 additions and 8 deletions

View File

@ -60,6 +60,10 @@ $is_authorized = ($_POST['authorized'] == '1');
$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);
if ($is_authorized) {
unset($_SESSION['oauth2_request']);
if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
session_unset();
session_destroy();
}
header('Location: ' . $response->getHttpHeader('Location'));
exit;
}

View File

@ -22,16 +22,8 @@ if (!empty($mailbox)) {
'modified' => (!empty($mailbox['modified']) ? $mailbox['modified'] : ''),
'active' => (!empty($mailbox['active']) ? $mailbox['active'] : ''),
));
if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
session_unset();
session_destroy();
}
exit;
}
if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
session_unset();
session_destroy();
}
}
echo json_encode(array(
'success' => false