From c2f1389a568653fffdc385bbfce956ecea613421 Mon Sep 17 00:00:00 2001
From: Torsten Dittmann <torsten.dittmann@googlemail.com>
Date: Mon, 19 Jul 2021 17:09:39 +0200
Subject: [PATCH] fix(jwt): correct session validation

---
 app/init.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/init.php b/app/init.php
index a139a4f841..6461f50acb 100644
--- a/app/init.php
+++ b/app/init.php
@@ -467,7 +467,7 @@ App::setResource('user', function($mode, $project, $console, $request, $response
             $user = $projectDB->getDocument($jwtUserId);
         }
 
-        if (empty($user->search('$id', $jwtSessionId, $user->getAttribute('tokens')))) { // Match JWT to active token
+        if (empty($user->search('$id', $jwtSessionId, $user->getAttribute('sessions')))) { // Match JWT to active token
             $user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
         }
     }