Skip to content
This repository has been archived by the owner on Sep 2, 2022. It is now read-only.

Commit

Permalink
VP-2600: Force re-login when impersonating (#509)
Browse files Browse the repository at this point in the history
  • Loading branch information
Egis authored Aug 17, 2020
1 parent a238352 commit 7c33a6f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion VirtoCommerce.Storefront/Controllers/AccountController.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,7 +259,7 @@ public async Task<ActionResult> ConfirmEmail(string token)
[HttpGet("impersonate/{userId}")]
public async Task<IActionResult> ImpersonateUser(string userId)
{
if (User.Identity.Name == SecurityConstants.AnonymousUsername)
if (User.Identity.Name == SecurityConstants.AnonymousUsername || User.Claims.Any(x => x.Type == SecurityConstants.Claims.OperatorUserNameClaimType))
{
return StoreFrontRedirect($"~/account/login?ReturnUrl={Request.Path}");
}
Expand Down

0 comments on commit 7c33a6f

Please sign in to comment.