aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_tokenauth.lua
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/mod_tokenauth.lua')
-rw-r--r--plugins/mod_tokenauth.lua9
1 files changed, 8 insertions, 1 deletions
diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua
index 6c94e34f..220f6b87 100644
--- a/plugins/mod_tokenauth.lua
+++ b/plugins/mod_tokenauth.lua
@@ -149,11 +149,12 @@ local function _get_validated_grant_info(username, grant)
-- Invalidate grants from before last password change
local account_info = usermanager.get_account_info(username, module.host);
local password_updated_at = account_info and account_info.password_updated;
+ local now = os.time();
if password_updated_at and grant.created < password_updated_at then
module:log("debug", "Token grant issued before last password change, invalidating it now");
token_store:set_key(username, grant.id, nil);
return nil, "not-authorized";
- elseif grant.expires and grant.expires < os.time() then
+ elseif grant.expires and grant.expires < now then
module:log("debug", "Token grant expired, cleaning up");
token_store:set_key(username, grant.id, nil);
return nil, "expired";
@@ -164,6 +165,12 @@ local function _get_validated_grant_info(username, grant)
token_store:set_key(username, grant.id, nil);
return nil, "invalid";
end
+ for secret_hash, token_info in pairs(grant.tokens) do
+ if token_info.expires and token_info.expires < now then
+ module:log("debug", "Token has expired, cleaning it up");
+ grant.tokens[secret_hash] = nil;
+ end
+ end
return grant;
end