There should never be more than one token

zalando-zmon · Feb 16, 2017 · 0b6e3c6 · 0b6e3c6
1 parent bbca6c8
commit 0b6e3c6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/zmon-security-common/src/main/java/org/zalando/zmon/security/tvtoken/TvTokenService.java b/zmon-security-common/src/main/java/org/zalando/zmon/security/tvtoken/TvTokenService.java
@@ -34,7 +34,7 @@ public static String remoteIp(HttpServletRequest request) {
     // TODO use sproc
     public boolean isValidToken(String token, String bindIp, String sessionId) {
         List<OnetimeTokenInfo> result = oneTimeTokenSProcService.bindOnetimeToken(token, bindIp, sessionId);
-        return result.size() > 0 ? true : false;
+        return result.size() == 1 ? true : false;
     }
 
     public void deleteCookiesIfExistent(HttpServletRequest request, HttpServletResponse response) {