*/
public function generateStaySignedInToken($clientIpAddress)
{
+ if ($this->configManager->get('security.session_protection_disabled') === true) {
+ $clientIpAddress = '';
+ }
$this->staySignedInToken = sha1(
$this->configManager->get('credentials.hash')
. $clientIpAddress
// The user client has a valid stay-signed-in cookie
// Session information is updated with the current client information
$this->sessionManager->storeLoginInfo($clientIpId);
-
} elseif ($this->sessionManager->hasSessionExpired()
|| $this->sessionManager->hasClientIpChanged($clientIpId)
) {