From f28509608b06e650394fa367bafd3e54d2c8c54f Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Wed, 22 Jun 2022 08:48:14 +0200
Subject: [PATCH] core: mark session as modified instead of saving it directly
 to bump expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/core/api/users.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py
index f6862908b..723696546 100644
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@@ -361,7 +361,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
                 instance=request._request.session[SESSION_KEY_IMPERSONATE_ORIGINAL_USER],
                 context=context,
             ).data
-        self.request.session.save()
+        self.request.session.modified = True
         return Response(serializer.initial_data)
 
     @permission_required("authentik_core.reset_user_password")