Merge pull request #3230 from Icinga/bugfix/application-state-log-out-2882

/application-state: ignore unauthenticated requests
2018-01-16 10:20:13 +01:00 · 2018-01-16 10:20:13 +01:00 · 44fccfff4d
parent 76bc59b7bf b790cc98c1
commit 44fccfff4d
1 changed files with 37 additions and 32 deletions
--- a/application/controllers/ApplicationStateController.php
+++ b/application/controllers/ApplicationStateController.php
@ -14,43 +14,48 @@ use Icinga\Web\Session;
 */
 class ApplicationStateController extends Controller
 {
+    protected $requiresAuthentication = false;
+
    public function indexAction()
    {
        $this->_helper->layout()->disableLayout();
-        if (isset($_COOKIE['icingaweb2-session'])) {
-            $last = (int) $_COOKIE['icingaweb2-session'];
-        } else {
-            $last = 0;
-        }
-        $now = time();
-        if ($last + 600 < $now) {
-            Session::getSession()->write();
-            $params = session_get_cookie_params();
-            setcookie(
-                'icingaweb2-session',
-                $now,
-                null,
-                $params['path'],
-                $params['domain'],
-                $params['secure'],
-                $params['httponly']
-            );
-            $_COOKIE['icingaweb2-session'] = $now;
-        }
-        $announcementCookie = new AnnouncementCookie();
-        $announcementRepo = new AnnouncementIniRepository();
-        if ($announcementCookie->getEtag() !== $announcementRepo->getEtag()) {
-            $announcementCookie
-                ->setEtag($announcementRepo->getEtag())
-                ->setNextActive($announcementRepo->findNextActive());
-            $this->getResponse()->setCookie($announcementCookie);
-            $this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true);
-        } else {
-            $nextActive = $announcementCookie->getNextActive();
-            if ($nextActive && $nextActive <= $now) {
-                $announcementCookie->setNextActive($announcementRepo->findNextActive());
+
+        if ($this->Auth()->isAuthenticated()) {
+            if (isset($_COOKIE['icingaweb2-session'])) {
+                $last = (int) $_COOKIE['icingaweb2-session'];
+            } else {
+                $last = 0;
+            }
+            $now = time();
+            if ($last + 600 < $now) {
+                Session::getSession()->write();
+                $params = session_get_cookie_params();
+                setcookie(
+                    'icingaweb2-session',
+                    $now,
+                    null,
+                    $params['path'],
+                    $params['domain'],
+                    $params['secure'],
+                    $params['httponly']
+                );
+                $_COOKIE['icingaweb2-session'] = $now;
+            }
+            $announcementCookie = new AnnouncementCookie();
+            $announcementRepo = new AnnouncementIniRepository();
+            if ($announcementCookie->getEtag() !== $announcementRepo->getEtag()) {
+                $announcementCookie
+                    ->setEtag($announcementRepo->getEtag())
+                    ->setNextActive($announcementRepo->findNextActive());
                $this->getResponse()->setCookie($announcementCookie);
                $this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true);
+            } else {
+                $nextActive = $announcementCookie->getNextActive();
+                if ($nextActive && $nextActive <= $now) {
+                    $announcementCookie->setNextActive($announcementRepo->findNextActive());
+                    $this->getResponse()->setCookie($announcementCookie);
+                    $this->getResponse()->setHeader('X-Icinga-Announcements', 'refresh', true);
+                }
            }
        }