fix: locking the session object when it's read by the api module (fixes #349)

2025-07-07 13:32:07 -07:00 · 2018-09-27 15:25:35 +02:00 · 2018-09-27 15:25:35 +02:00 · 7b7739358d
commit 7b7739358d
parent 7951981815
2 changed files with 15 additions and 0 deletions
--- a/modules/api_rest_controller.go
+++ b/modules/api_rest_controller.go
@ -186,6 +186,9 @@ func (api *RestAPI) sessionRoute(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	session.I.Lock()
+	defer session.I.Unlock()
+
 	path := r.URL.String()
 	switch {
 	case path == "/api/session":