Backport #11590
Unfortunately when the virtual session is released it requires that the
real session does not exist. This worked fine when sessions were only
saved at the end of request/response cycle however, now sessions are
saved proactively this does not hold.
The result is a caught panic in the logs during every log-in. This
panic has no significant side-effects but should not occur.
This PR marks the virtual session as released when released and updates
it if the same session is released again.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Unfortunately MemProvider Init does not actually Init properly
Worse all of its members are private and you cannot update them.
Simple fix copy it in to modules session.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix misspelling
* Prevent creating empty sessions
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update modules/setting/session.go
* Remove unnecessary option
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add destory to list of ignored misspellings
* rename cookie.go -> virtual.go
* Delete old file
* Add test to ensure that sessions are not created without being logged in
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update integrations/create_no_session_test.go