security: filter out master_session if it's set to None

inveniosoftware · Sep 18, 2024 · 9e08245 · 9e08245
1 parent f39f60d
commit 9e08245
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/invenio_accounts/views/security.py b/invenio_accounts/views/security.py
@@ -27,10 +27,14 @@ def security():
         if SessionActivity.is_current(session.sid_s):
             master_session = session
             del sessions[index]
+
+    # If the master session is still `None`, filter it out
+    sessions = [master_session] + sessions if master_session is not None else sessions
+
     return render_template(
         current_app.config["ACCOUNTS_SETTINGS_SECURITY_TEMPLATE"],
         formclass=RevokeForm,
-        sessions=[master_session] + sessions,
+        sessions=sessions,
         is_current=SessionActivity.is_current,
     )