# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1699197040 -3600
# Node ID 852a61c720d0e96da3f4bea3416479f766883d32
# Parent  874600c982bd2a5a020db39042d091082d21120c
mod_tokenauth: Fix saving grants after clearing expired tokens

Previously the whole grant was deleted if it found one expired toke,
which was not indented.

diff -r 874600c982bd -r 852a61c720d0 plugins/mod_tokenauth.lua
--- a/plugins/mod_tokenauth.lua	Sat Nov 04 17:12:01 2023 +0100
+++ b/plugins/mod_tokenauth.lua	Sun Nov 05 16:10:40 2023 +0100
@@ -166,22 +166,22 @@
 		token_store:set_key(username, grant.id, nil);
 		return nil, "invalid";
 	end
+
+	local found_expired = false
 	for secret_hash, token_info in pairs(grant.tokens) do
-		local found_expired = false
 		if token_info.expires and token_info.expires < now then
 			module:log("debug", "Token has expired, cleaning it up");
 			grant.tokens[secret_hash] = nil;
 			found_expired = true;
 		end
-		if found_expired then
-			token_store:set_key(username, grant.id, nil);
-		end
 	end
 
 	if not grant.expires and next(grant.tokens) == nil and grant.accessed + empty_grant_lifetime < now then
 		module:log("debug", "Token grant has no tokens, discarding");
 		token_store:set_key(username, grant.id, nil);
 		return nil, "expired";
+	elseif found_expired then
+		token_store:set_key(username, grant.id, grant);
 	end
 
 	return grant;