The authentication logic in CoreLogonMultisite.php only verifies the cookie hash, but does not include any check for session expiration.
This change performs that validation by using the session cookie to authenticate against the Checkmk Rest API. If the session is expired, then that connection will fail and the session cookie will be invalid.
The authentication logic in CoreLogonMultisite.php only verifies the cookie hash, but does not include any check for session expiration.
This change performs that validation by using the session cookie to authenticate against the Checkmk Rest API. If the session is expired, then that connection will fail and the session cookie will be invalid.