Merge branch 'fix-oauth2-token-linger' into 'develop'

Fix OAuth2 token lingering after revocation See merge request pleroma/pleroma-fe!1852
1 year ago · b167025554
parent 3c041b2ba1 ac78f80194
commit b167025554
2 changed files with 7 additions and 0 deletions
--- a/changelog.d/oauth2-token-linger.fix
+++ b/changelog.d/oauth2-token-linger.fix
@ -0,0 +1 @@
+Fix OAuth2 token lingering after revocation
--- a/src/modules/users.js
+++ b/src/modules/users.js
@ -651,6 +651,12 @@ const users = {
              const response = data.error
              // Authentication failed
              commit('endLogin')
+
+              // remove authentication token on client/authentication errors
+              if ([400, 401, 403, 422].includes(response.status)) {
+                commit('clearToken')
+              }
+
              if (response.status === 401) {
                reject(new Error('Wrong username or password'))
              } else {