hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: accidental unnecessarily strict conditional that effectively rendered SSO state checking opt-in instead of opt-out

Browse Source
v1.18.x
Julian Lam 4 years ago
parent 520050da19
commit a2400f6baf
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/routes/authentication.js
Unescape Escape View File

@ -104,7 +104,7 @@ Auth.reloadRoutes = async function (params) {
prompt: strategy.prompt || undefined, prompt: strategy.prompt || undefined,
}; };
if (strategy.checkState) { if (strategy.checkState !== false) {
req.session.ssoState = req.csrfToken && req.csrfToken(); req.session.ssoState = req.csrfToken && req.csrfToken();
opts.state = req.session.ssoState; opts.state = req.session.ssoState;
} }

Write Preview
Loading…
Cancel
Save