prosody
d943733c6d01
plugins/mod_tokenauth.lua
Software / code / prosody
Comparison
plugins/mod_tokenauth.lua @ 13006:d943733c6d01
mod_tokenauth: fix traceback if password has never been changed
By checking the password_updated_at for non-nilness before using it,
we avoid a nasty crash :-).
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Tue, 28 Mar 2023 21:25:54 +0200 |
| parent | 13003:34ed17ef1c1a |
| child | 13009:a70ff0c524c9 |
comparison
equal
deleted
inserted
replaced
| 13005:1167aaf1aa1f | 13006:d943733c6d01 |
|---|---|
| 172 end | 172 end |
| 173 | 173 |
| 174 -- Invalidate grants from before last password change | 174 -- Invalidate grants from before last password change |
| 175 local account_info = usermanager.get_account_info(token_user, module.host); | 175 local account_info = usermanager.get_account_info(token_user, module.host); |
| 176 local password_updated_at = account_info and account_info.password_updated; | 176 local password_updated_at = account_info and account_info.password_updated; |
| 177 if grant.created < password_updated_at and password_updated_at then | 177 if password_updated_at and grant.created < password_updated_at then |
| 178 module:log("debug", "Token grant issued before last password change, invalidating it now"); | 178 module:log("debug", "Token grant issued before last password change, invalidating it now"); |
| 179 token_store:set_key(token_user, token_id, nil); | 179 token_store:set_key(token_user, token_id, nil); |
| 180 return nil, "not-authorized"; | 180 return nil, "not-authorized"; |
| 181 end | 181 end |
| 182 | 182 |
