mod_tokenauth: Remove expired tokens from storage

author: Matthew Wild <mwild1@gmail.com> 2022-10-06 16:00:39 +0100
committer: Matthew Wild <mwild1@gmail.com> 2022-10-06 16:00:39 +0100
commit: 12fc0febf172dd25d403af6365f3e5042b06d6dd (patch)
tree: c631ef63b7f2e9114830acc2ebaea5ec29cacd0f /plugins
parent: 36afd999b1042b997ae59c81dce755fb01ee2b11 (diff)
download: prosody-12fc0febf172dd25d403af6365f3e5042b06d6dd.tar.gz
prosody-12fc0febf172dd25d403af6365f3e5042b06d6dd.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua
index 450e2f0a..22d2199a 100644
--- a/plugins/mod_tokenauth.lua
+++ b/plugins/mod_tokenauth.lua
@@ -65,12 +65,14 @@ local function _get_parsed_token_info(token_id, token_user, token_host)
 	end
 
 	if token_info.expires and token_info.expires < os.time() then
+		token_store:set(token_user, token_id, nil);
 		return nil, "not-authorized";
 	end
 
 	local account_info = usermanager.get_account_info(token_user, module.host);
 	local password_updated_at = account_info and account_info.password_updated;
 	if password_updated_at and password_updated_at > token_info.created then
+		token_store:set(token_user, token_id, nil);
 		return nil, "not-authorized";
 	end
author	Matthew Wild <mwild1@gmail.com>	2022-10-06 16:00:39 +0100
committer	Matthew Wild <mwild1@gmail.com>	2022-10-06 16:00:39 +0100
commit	12fc0febf172dd25d403af6365f3e5042b06d6dd (patch)
tree	c631ef63b7f2e9114830acc2ebaea5ec29cacd0f /plugins
parent	36afd999b1042b997ae59c81dce755fb01ee2b11 (diff)
download	prosody-12fc0febf172dd25d403af6365f3e5042b06d6dd.tar.gz prosody-12fc0febf172dd25d403af6365f3e5042b06d6dd.zip