Only load user from session if other auth mechanisms aren't present.

This commit is contained in:
Isaac Connor 2020-03-02 11:51:07 -05:00
parent 5f16c10e0a
commit f0e7b84001
1 changed files with 3 additions and 2 deletions

View File

@ -263,8 +263,6 @@ if ( ZM_OPT_USE_AUTH ) {
} else {
// Non token based auth
$user = userFromSession();
if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) {
$user = getAuthUser($_REQUEST['auth']);
} else if (
@ -280,6 +278,9 @@ if ( ZM_OPT_USE_AUTH ) {
return;
}
$user = $ret[0];
} else {
$user = userFromSession();
}
if ( !empty($user) ) {