Reset Session ID on login (#18018)

* Reset Session ID on login When logging in the SessionID should be reset and the session cleaned up. Signed-off-by: Andrew Thornton <art27@cantab.net> * with new session.RegenerateID function Signed-off-by: Andrew Thornton <art27@cantab.net> * update go-chi/session Signed-off-by: Andrew Thornton <art27@cantab.net> * Ensure that session id is changed after oauth data is set and between account linking pages too Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net>
2025-05-31 20:02:09 +00:00 · 2021-12-20 14:12:26 +00:00 · 2021-12-20 14:12:26 +00:00 · bcc13f3889
commit bcc13f3889
parent 2cd1479e77
9 changed files with 121 additions and 11 deletions
--- a/go.mod
+++ b/go.mod
@ -9,7 +9,7 @@ require (
 	gitea.com/go-chi/binding v0.0.0-20211013065440-d16dc407c2be
 	gitea.com/go-chi/cache v0.0.0-20211013020926-78790b11abf1
 	gitea.com/go-chi/captcha v0.0.0-20211013065431-70641c1a35d5
-	gitea.com/go-chi/session v0.0.0-20211013065435-7d334f340c09
+	gitea.com/go-chi/session v0.0.0-20211218221615-e3605d8b28b8
 	gitea.com/lunny/levelqueue v0.4.1
 	github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121
 	github.com/Microsoft/go-winio v0.5.0 // indirect