fix(session): Avoid two useless authtoken DB queries for every anonym…

…ous request Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
nextcloud · Jan 6, 2024 · 89d075d · 89d075d
1 parent 2e10c94
commit 89d075d
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
@@ -858,6 +858,13 @@ public function tryTokenLogin(IRequest $request) {
 			return false;
 		}
 
+		// Check if the request had sent a cookie with the instance id as name
+		// If there is no cookie, this is a new session
+		$instanceId = $this->config->getSystemValueString('instanceid');
+		if (is_null($request->getCookie($instanceId))) {
+			return false;
+		}
+
 		try {
 			$dbToken = $this->tokenProvider->getToken($token);
 		} catch (InvalidTokenException $e) {