diff options
| author | Jonas Schäfer <jonas@wielicki.name> | 2023-03-28 21:25:54 +0200 |
|---|---|---|
| committer | Jonas Schäfer <jonas@wielicki.name> | 2023-03-28 21:25:54 +0200 |
| commit | 124b4fa3026401f75738734edd174bd90d66bf7c (patch) | |
| tree | edef63c992aad93e6cd3b6e448afd30b756c5a01 /plugins | |
| parent | 9305f475250df547e7be4599632020334d15ada4 (diff) | |
| download | prosody-124b4fa3026401f75738734edd174bd90d66bf7c.tar.gz prosody-124b4fa3026401f75738734edd174bd90d66bf7c.zip | |
mod_tokenauth: fix traceback if password has never been changed
By checking the password_updated_at for non-nilness before using it,
we avoid a nasty crash :-).
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/mod_tokenauth.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua index 5703f4a4..94ecf1ec 100644 --- a/plugins/mod_tokenauth.lua +++ b/plugins/mod_tokenauth.lua @@ -174,7 +174,7 @@ local function _get_validated_token_info(token_id, token_user, token_host, token -- Invalidate grants from before last password change local account_info = usermanager.get_account_info(token_user, module.host); local password_updated_at = account_info and account_info.password_updated; - if grant.created < password_updated_at and password_updated_at then + if password_updated_at and grant.created < password_updated_at then module:log("debug", "Token grant issued before last password change, invalidating it now"); token_store:set_key(token_user, token_id, nil); return nil, "not-authorized"; |