From: Tim Düsterhus Date: Tue, 1 Dec 2020 14:59:00 +0000 (+0100) Subject: Do not request reauthentication from users connected to a third party provider X-Git-Tag: 5.4.0_Alpha_1~555^2~6^2~1 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=fbebdd6e1c68fef1133886fedc4acfcdc58c66f6;p=GitHub%2FWoltLab%2FWCF.git Do not request reauthentication from users connected to a third party provider --- diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php index 24a0af976f..c468e8e7a3 100644 --- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php +++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php @@ -877,6 +877,11 @@ final class SessionHandler extends SingletonFactory { throw new \BadMethodCallException('The current user is a guest.'); } + // Reauthentication for third party authentication is not supported. + if ($this->getUser()->authData) { + return false; + } + $data = $this->getVar(self::REAUTHENTICATION_KEY); // Request a new authentication if no stored information is available.