hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: #8232, unresolvable session mismatch on register cancel

Browse Source
v1.18.x
Julian Lam 5 years ago
parent e440d617d4
commit f2f6fbf15a
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File

5
src/controllers/authentication.js
Unescape Escape View File

@ -195,6 +195,7 @@ authenticationController.registerComplete = function (req, res, next) {
authenticationController.registerAbort = function (req, res) { authenticationController.registerAbort = function (req, res) {
// End the session and redirect to home // End the session and redirect to home
req.session.destroy(function () { req.session.destroy(function () {
res.clearCookie(nconf.get('sessionKey'), meta.configs.cookie.get());
res.redirect(nconf.get('relative_path') + '/'); res.redirect(nconf.get('relative_path') + '/');
}); });
}; };
@ -423,9 +424,7 @@ authenticationController.logout = async function (req, res, next) {
req.logout(); req.logout();
await destroyAsync(req); await destroyAsync(req);
res.clearCookie(nconf.get('sessionKey'), { res.clearCookie(nconf.get('sessionKey'), meta.configs.cookie.get());
path: nconf.get('relative_path'),
});
req.uid = 0; req.uid = 0;
req.headers['x-csrf-token'] = req.csrfToken(); req.headers['x-csrf-token'] = req.csrfToken();

Write Preview
Loading…
Cancel
Save