yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes: U4-3482 keepUserLoggedIn setting ignored? and streamlines some of the auth methods.

Browse Source
This commit is contained in:
Shannon
2013-11-12 17:38:32 +11:00
parent c28f800fe6
commit a532b49485
10 changed files with 68 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Umbraco.Web/UmbracoModule.cs
View File

@@ -225,10 +225,17 @@ namespace Umbraco.Web
/// <param name="httpContext"></param>
/// <returns></returns>
/// <remarks>
/// We do not want to renew the ticket when we are checking for the user's remaining timeout.
/// We do not want to renew the ticket when we are checking for the user's remaining timeout unless -
/// UmbracoConfig.For.UmbracoSettings().Security.KeepUserLoggedIn == true
/// </remarks>
internal static bool ShouldIgnoreTicketRenew(Uri url, HttpContextBase httpContext)
{
//this setting will renew the ticket for all requests.
if (UmbracoConfig.For.UmbracoSettings().Security.KeepUserLoggedIn)
{
return false;
}
//initialize the ignore ticket urls - we don't need to lock this, it's concurrent and a hashset
// we don't want to have to gen the url each request so this will speed things up a teeny bit.
if (IgnoreTicketRenewUrls.Any() == false)