up

upbond · Apr 28, 2021 · d60671d · d60671d
1 parent 5627392
commit d60671d
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/src/Auth.php b/src/Auth.php
@@ -515,10 +515,17 @@ public function exchange()
         }
 
         $state = $this->getState();
-        if (! $state || ! $this->transientHandler->verify(self::TRANSIENT_STATE_KEY, $state)) {
+
+        $stateless = session('upbond_auth__stateless');
+
+        if (!$stateless && 
+            (! $state || ! $this->transientHandler->verify(self::TRANSIENT_STATE_KEY, $state))
+            ) {
             throw new CoreException('Invalid state');
         }
 
+        session(['upbond_auth__stateless' => false]);
+
         if ($this->user) {
             throw new CoreException('Can\'t initialize a new session while there is one active session already');
         }