Properly check email and session id in authenticateAndRun SOAP call (#1041) (!1044) · Merge requests · David Verdin / sympa · GitLab

David Verdin requested to merge github/fork/racke/pr/soap-api-access-fix into sympa-6.2 Nov 27, 2020

Created by: racke

Fix the defects in the current check:

Allows bogus session id
Allows session id which belongs to different user

May fix #1041 (closed).