jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Validate token scopes

Browse Source
This commit is contained in:
Johannes Zellner
2022-09-23 12:57:13 +02:00
parent 56c567ac86
commit 70d3040135
4 changed files with 39 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/routes/cloudron.js
View File

@@ -71,11 +71,11 @@ async function login(req, res, next) {
}
async function logout(req, res) {
assert.strictEqual(typeof req.access_token, 'string');
assert.strictEqual(typeof req.token, 'object');
await eventlog.add(eventlog.ACTION_USER_LOGOUT, AuditSource.fromRequest(req), { userId: req.user.id, user: users.removePrivateFields(req.user) });
await safe(tokens.delByAccessToken(req.access_token));
await safe(tokens.delByAccessToken(req.token.accessToken));
res.redirect('/login.html');
}