Merge branch '0_3' into 0_4

metaclass-nl · Sep 19, 2017 · aa8ab87 · aa8ab87
2 parents 386d070 + 813f7fa
commit aa8ab87
Showing 1 changed file with 0 additions and 9 deletions.
diff --git a/Service/UsernamePasswordFormAuthenticationGuard.php b/Service/UsernamePasswordFormAuthenticationGuard.php
@@ -125,15 +125,6 @@ protected function attemptAuthentication(Request $request)
                     //authenticated! No need to hide timing
                     $this->governor->registerAuthenticationSuccess();
 
-                    //when the user goes to the login page without logging out or on reauthentication because of
-                    //an InsufficientAuthenticationException there may still be a UsernamePasswordToken
-                    $oldToken = $this->myTokenStorage->getToken();
-                    $oldUserName = $oldToken instanceof UsernamePasswordToken ? $oldToken->getUserName() : '';
-                    if ($newToken instanceof UsernamePasswordToken && trim($newToken->getUserName()) != trim($oldUserName)) {
-                        //user has changed without logout, clear session so that the data of the old user can not leak to the new user
-                        $request->getSession()->clear();
-                    }
-
                     return $newToken;
                } catch (AuthenticationException $e) {
                     if ($this->isClientResponsibleFor($e)) {