Check if the user session match an existing user

author: Frederic Guillot <fred@kanboard.net> 2015-02-13 16:41:50 -0500
committer: Frederic Guillot <fred@kanboard.net> 2015-02-13 16:41:50 -0500
commit: 124f7cad284d7ce867666def5731ad34a9265e63 (patch)
tree: 14a933c77cbd2aa13f630cca8c697471a80b1ce5 /app/Model/Authentication.php
parent: 8fde5df4f829e9ea2c3a9262512a34a584e4b4e5 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/app/Model/Authentication.php b/app/Model/Authentication.php
index 92898cd5..86c1c43f 100644
--- a/app/Model/Authentication.php
+++ b/app/Model/Authentication.php
@@ -42,6 +42,13 @@ class Authentication extends Base
         // If the user is already logged it's ok
         if ($this->userSession->isLogged()) {
 
+            // Check if the user session match an existing user
+            if (! $this->user->exists($this->userSession->getId())) {
+                $this->backend('rememberMe')->destroy($this->userSession->getId());
+                $this->session->close();
+                return false;
+            }
+
             // We update each time the RememberMe cookie tokens
             if ($this->backend('rememberMe')->hasCookie()) {
                 $this->backend('rememberMe')->refresh();
author	Frederic Guillot <fred@kanboard.net>	2015-02-13 16:41:50 -0500
committer	Frederic Guillot <fred@kanboard.net>	2015-02-13 16:41:50 -0500
commit	124f7cad284d7ce867666def5731ad34a9265e63 (patch)
tree	14a933c77cbd2aa13f630cca8c697471a80b1ce5 /app/Model/Authentication.php
parent	8fde5df4f829e9ea2c3a9262512a34a584e4b4e5 (diff)