diff options
author | Corey Hulen <corey@hulen.com> | 2016-06-15 04:10:22 -0800 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2016-06-15 08:10:22 -0400 |
commit | c7e9f3cb1b9cedb328da28aa5f4237fdc325e68c (patch) | |
tree | 8e02c21f77aa05da04ce2ca93b9f0e38cd993863 /api | |
parent | 5aaf5c51fcc4b1126809f70fa7bf003ff156a633 (diff) | |
download | chat-c7e9f3cb1b9cedb328da28aa5f4237fdc325e68c.tar.gz chat-c7e9f3cb1b9cedb328da28aa5f4237fdc325e68c.tar.bz2 chat-c7e9f3cb1b9cedb328da28aa5f4237fdc325e68c.zip |
PLT-3264 remove session cookie when switching accounts (#3341)
Diffstat (limited to 'api')
-rw-r--r-- | api/user.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go index 8e7329f46..b9ae23ac5 100644 --- a/api/user.go +++ b/api/user.go @@ -2055,6 +2055,7 @@ func oauthToEmail(c *Context, w http.ResponseWriter, r *http.Request) { go sendSignInChangeEmail(c, user.Email, c.GetSiteURL(), c.T("api.templates.signin_change_email.body.method_email")) RevokeAllSession(c, c.Session.UserId) + c.RemoveSessionCookie(w, r) if c.Err != nil { return } @@ -2111,6 +2112,7 @@ func emailToLdap(c *Context, w http.ResponseWriter, r *http.Request) { } RevokeAllSession(c, user.Id) + c.RemoveSessionCookie(w, r) if c.Err != nil { return } @@ -2194,6 +2196,7 @@ func ldapToEmail(c *Context, w http.ResponseWriter, r *http.Request) { } RevokeAllSession(c, user.Id) + c.RemoveSessionCookie(w, r) if c.Err != nil { return } |