From 8602c2b17f864e2d10af61a083685b115703aabf Mon Sep 17 00:00:00 2001
From: Deon George <deon@dege.au>
Date: Mon, 9 Jun 2025 10:31:25 +1000
Subject: [PATCH] Only swap in user's credentials if the requested page is not
 the logout page. This avoids an issue if the user's credentials are changed
 during their session, they couldnt log out

---
 app/Http/Middleware/SwapinAuthUser.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Middleware/SwapinAuthUser.php b/app/Http/Middleware/SwapinAuthUser.php
index d69eb814..1e421dfe 100644
--- a/app/Http/Middleware/SwapinAuthUser.php
+++ b/app/Http/Middleware/SwapinAuthUser.php
@@ -29,7 +29,7 @@ class SwapinAuthUser
 		if (! array_key_exists($key,config('ldap.connections')))
 			abort(599,sprintf('LDAP default server [%s] configuration doesnt exist?',$key));
 
-		if (Session::has('username_encrypt') && Session::has('password_encrypt')) {
+		if (($request->path() !== 'logout') && Session::has('username_encrypt') && Session::has('password_encrypt')) {
 			Config::set('ldap.connections.'.$key.'.username',Crypt::decryptString(Session::get('username_encrypt')));
 			Config::set('ldap.connections.'.$key.'.password',Crypt::decryptString(Session::get('password_encrypt')));