mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 05:07:42 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_tokenauth: Remove expired tokens from storage

Browse source
This commit is contained in:
Matthew Wild 2022-10-06 16:00:39 +01:00
parent 36afd999b1
commit 12fc0febf1
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
plugins/mod_tokenauth.lua
View file

@ -65,12 +65,14 @@ local function _get_parsed_token_info(token_id, token_user, token_host)
end
if token_info.expires and token_info.expires < os.time() then
token_store:set(token_user, token_id, nil);
return nil, "not-authorized";
end
local account_info = usermanager.get_account_info(token_user, module.host);
local password_updated_at = account_info and account_info.password_updated;
if password_updated_at and password_updated_at > token_info.created then
token_store:set(token_user, token_id, nil);
return nil, "not-authorized";
end