luisgulo/BookStack
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
BookStack/app/Http/Controllers/Auth
History
Dan Brown cdef1b3ab0
Updated SAML ACS post to retain user session 
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.

Updated testing to cover.
2021-10-20 13:34:00 +01:00
..
ConfirmEmailController.php
ForgotPasswordController.php
HandlesPartialLogins.php
LoginController.php
MfaBackupCodesController.php
MfaController.php
MfaTotpController.php Fixed guest user email showing in TOTP setup url 2021-10-14 18:02:16 +01:00
OidcController.php Applied latest styles changes from style CI 2021-10-16 16:01:59 +01:00
RegisterController.php
ResetPasswordController.php
Saml2Controller.php Updated SAML ACS post to retain user session 2021-10-20 13:34:00 +01:00
SocialController.php
UserInviteController.php