userman icon indicating copy to clipboard operation
userman copied to clipboard
verified publisher icon rejectedsoftware

userman.web.authenticate() assumes no session data if not logged in

Open thaven opened this issue 8 years ago • 0 comments

This function simply checks if req.session exists. This is not correct, as web applications may keep session data for non-authenticated visitors.

thaven avatar Feb 09 '17 15:02 thaven