jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Actually destroy the OAuth session on token revokation

Browse Source
This commit is contained in:
Johannes Zellner
2019-11-08 17:24:52 +01:00
parent b6b5875786
commit 52e1ce5237
2 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/views/profile.js
+5 -7
View File
@@ -305,13 +305,11 @@ angular.module('Application').controller('ProfileController', ['$scope', '$locat
}
$scope.revokeTokens = function () {
asyncForEach($scope.activeClients, revokeTokensByClient, function () {
// now kill this session if exists
if (!$scope.webadminClient || !$scope.webadminClient.id) return;
revokeTokensByClient($scope.webadminClient, function () {
// we should be logged out by now
// first revoke all non webadmin tokens
asyncForEach($scope.activeClients.filter(function (c) { return c.id !== 'cid-webadmin'; }), revokeTokensByClient, function () {
// WARNING keep in sync with clients.js in box code
revokeTokensByClient('cid-webadmin', function () {
Client.logout(); // this destroys the OAuth session
});
});
};