#90 Don't create session for initial user

TheHive-Project · Jul 3, 2019 · a856d66 · a856d66
1 parent 2080df7
commit a856d66
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/app/org/elastic4play/controllers/Authenticated.scala b/app/org/elastic4play/controllers/Authenticated.scala
@@ -93,7 +93,7 @@ class Authenticated(
     * Cookie is signed by Play framework (it cannot be modified by user)
     */
   def setSessingUser(result: Result, authContext: AuthContext)(implicit request: RequestHeader): Result =
-    if (authContext.authMethod != "key")
+    if (authContext.authMethod != "key" && authContext.authMethod != "init")
       result.addingToSession(
         sessionUsername → authContext.userId,
         "expire"        → (now + maxSessionInactivity.toMillis).toString,