Mercurial > prosody-hg
comparison plugins/mod_tokenauth.lua @ 13305:852a61c720d0
mod_tokenauth: Fix saving grants after clearing expired tokens
Previously the whole grant was deleted if it found one expired toke,
which was not indented.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 05 Nov 2023 16:10:40 +0100 |
| parents | c34266c061c9 |
| children | 19c814d4dd3a |
comparison
equal
deleted
inserted
replaced
| 13304:874600c982bd | 13305:852a61c720d0 |
|---|---|
| 164 if not grant.tokens then | 164 if not grant.tokens then |
| 165 module:log("debug", "Token grant without tokens, cleaning up"); | 165 module:log("debug", "Token grant without tokens, cleaning up"); |
| 166 token_store:set_key(username, grant.id, nil); | 166 token_store:set_key(username, grant.id, nil); |
| 167 return nil, "invalid"; | 167 return nil, "invalid"; |
| 168 end | 168 end |
| 169 | |
| 170 local found_expired = false | |
| 169 for secret_hash, token_info in pairs(grant.tokens) do | 171 for secret_hash, token_info in pairs(grant.tokens) do |
| 170 local found_expired = false | |
| 171 if token_info.expires and token_info.expires < now then | 172 if token_info.expires and token_info.expires < now then |
| 172 module:log("debug", "Token has expired, cleaning it up"); | 173 module:log("debug", "Token has expired, cleaning it up"); |
| 173 grant.tokens[secret_hash] = nil; | 174 grant.tokens[secret_hash] = nil; |
| 174 found_expired = true; | 175 found_expired = true; |
| 175 end | 176 end |
| 176 if found_expired then | |
| 177 token_store:set_key(username, grant.id, nil); | |
| 178 end | |
| 179 end | 177 end |
| 180 | 178 |
| 181 if not grant.expires and next(grant.tokens) == nil and grant.accessed + empty_grant_lifetime < now then | 179 if not grant.expires and next(grant.tokens) == nil and grant.accessed + empty_grant_lifetime < now then |
| 182 module:log("debug", "Token grant has no tokens, discarding"); | 180 module:log("debug", "Token grant has no tokens, discarding"); |
| 183 token_store:set_key(username, grant.id, nil); | 181 token_store:set_key(username, grant.id, nil); |
| 184 return nil, "expired"; | 182 return nil, "expired"; |
| 183 elseif found_expired then | |
| 184 token_store:set_key(username, grant.id, grant); | |
| 185 end | 185 end |
| 186 | 186 |
| 187 return grant; | 187 return grant; |
| 188 end | 188 end |
| 189 | 189 |
