mirror of
https://github.com/aclindsa/moneygo.git
synced 2024-12-25 23:23:21 -05:00
Ensure we don't have duplicate session secrets
This commit is contained in:
parent
56dcc5e1d7
commit
216d413c15
@ -81,6 +81,14 @@ func NewSession(tx *Tx, r *http.Request, userid int64) (*NewSessionWriter, error
|
||||
return nil, err
|
||||
}
|
||||
|
||||
existing, err := tx.SelectInt("SELECT count(*) from sessions where SessionSecret=?", session_secret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if existing > 0 {
|
||||
return nil, fmt.Errorf("%d session(s) exist with the generated session_secret")
|
||||
}
|
||||
|
||||
cookie := http.Cookie{
|
||||
Name: "moneygo-session",
|
||||
Value: session_secret,
|
||||
|
Loading…
Reference in New Issue
Block a user