From: Moritz Bunkus <m.bunkus@linet.de>
Date: Tue, 1 Dec 2020 08:49:10 +0000 (+0100)
Subject: HTTP-Header: Lebenszeit für Session-ID-Cookie setzen gefixt
X-Git-Tag: kivitendo-mebil_0.1-0~9^2~583
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=d56bda4518586c3b0220c18445394f35ec121d84;hp=50a6450fe0ee8e4576e4de99185c2ba04b18a5c3;p=kivitendo-erp.git

HTTP-Header: Lebenszeit für Session-ID-Cookie setzen gefixt

Der Name des Parameters lautet `-expires`, nicht `-expire`.

Außerdem den Timeout direkt aus `$::auth` lesen, um denselben
Standardwert zu nehmen, falls der Timeout nicht in der Konfiguration
gesetzt ist.
---

diff --git a/SL/Form.pm b/SL/Form.pm
index 46c52cb91..b8670ca41 100644
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -382,11 +382,11 @@ sub create_http_response {
     my $session_cookie_value = $main::auth->get_session_id();
 
     if ($session_cookie_value) {
-      $session_cookie = $cgi->cookie('-name'   => $main::auth->get_session_cookie_name(),
-                                     '-value'  => $session_cookie_value,
-                                     '-path'   => $uri->path,
-                                     '-expire' => '+' . ($::lx_office_conf{authentication}->{session_timeout} // 60) . 'm',
-                                     '-secure' => $::request->is_https);
+      $session_cookie = $cgi->cookie('-name'    => $main::auth->get_session_cookie_name(),
+                                     '-value'   => $session_cookie_value,
+                                     '-path'    => $uri->path,
+                                     '-expires' => '+' . $::auth->{session_timeout} . 'm',
+                                     '-secure'  => $::request->is_https);
     }
   }