From ad3ab533edfee569a4b9948db48e0089de5e1162 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 29 Nov 2023 17:51:34 +0000 Subject: mod_tokenauth: Ignore invalid grants in storage that have no id --- plugins/mod_tokenauth.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua index cb2b63c2..95b0f8d6 100644 --- a/plugins/mod_tokenauth.lua +++ b/plugins/mod_tokenauth.lua @@ -145,7 +145,7 @@ local function _get_validated_grant_info(username, grant) if type(grant) == "string" then grant = token_store:get_key(username, grant); end - if not grant or not grant.created then return nil; end + if not grant or not grant.created or not grant.id then return nil; end -- Invalidate grants from before last password change local account_info = usermanager.get_account_info(username, module.host); -- cgit v1.2.3