Changeset

5306:210aeb5afe42

mod_client_management: Fail to revoke clients that have used passwords Return an error so the caller can take appropriate action, e.g. encouraging the user to change their password.
author Matthew Wild <mwild1@gmail.com>
date Wed, 05 Apr 2023 19:45:13 +0100
parents 5305:9b9f35aaeb91
children 5307:2bb27dfd10d5
files mod_client_management/mod_client_management.lua
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_client_management/mod_client_management.lua	Wed Apr 05 19:42:16 2023 +0100
+++ b/mod_client_management/mod_client_management.lua	Wed Apr 05 19:45:13 2023 +0100
@@ -294,6 +294,9 @@
 				local ok = tokenauth.revoke_grant(username, status.grant.id);
 				if not ok then return nil, "internal-server-error"; end
 			end
+			if status.password then
+				return nil, "password-reset-required";
+			end
 			return true;
 		elseif c_type == "grant" then
 			local grant = tokenauth.get_grant_info(username, c_id);