Mercurial Mercurial > prosody > prosody / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_tokenauth: Remove expired tokens from storage
authorMatthew Wild <mwild1@gmail.com>
Thu, 06 Oct 2022 16:00:39 +0100
changeset 12747 19113f232423
parent 12746 126aefd2c4c6
child 12748 e894677359e5
mod_tokenauth: Remove expired tokens from storage
plugins/mod_tokenauth.lua file | annotate | diff | comparison | revisions 
--- a/plugins/mod_tokenauth.lua	Thu Oct 06 15:59:07 2022 +0100
+++ b/plugins/mod_tokenauth.lua	Thu Oct 06 16:00:39 2022 +0100
@@ -65,12 +65,14 @@
 	end
 
 	if token_info.expires and token_info.expires < os.time() then
+		token_store:set(token_user, token_id, nil);
 		return nil, "not-authorized";
 	end
 
 	local account_info = usermanager.get_account_info(token_user, module.host);
 	local password_updated_at = account_info and account_info.password_updated;
 	if password_updated_at and password_updated_at > token_info.created then
+		token_store:set(token_user, token_id, nil);
 		return nil, "not-authorized";
 	end
prosody