--- a/plugins/mod_tokenauth.lua Thu Oct 06 15:59:07 2022 +0100
+++ b/plugins/mod_tokenauth.lua Thu Oct 06 16:00:39 2022 +0100
@@ -65,12 +65,14 @@
end
if token_info.expires and token_info.expires < os.time() then
+ token_store:set(token_user, token_id, nil);
return nil, "not-authorized";
end
local account_info = usermanager.get_account_info(token_user, module.host);
local password_updated_at = account_info and account_info.password_updated;
if password_updated_at and password_updated_at > token_info.created then
+ token_store:set(token_user, token_id, nil);
return nil, "not-authorized";
end