Fix OAuth2 token lingering after revocation
This commit is contained in:
parent
a1641193b5
commit
ac78f80194
1
changelog.d/oauth2-token-linger.fix
Normal file
1
changelog.d/oauth2-token-linger.fix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix OAuth2 token lingering after revocation
|
@ -651,6 +651,12 @@ const users = {
|
|||||||
const response = data.error
|
const response = data.error
|
||||||
// Authentication failed
|
// Authentication failed
|
||||||
commit('endLogin')
|
commit('endLogin')
|
||||||
|
|
||||||
|
// remove authentication token on client/authentication errors
|
||||||
|
if ([400, 401, 403, 422].includes(response.status)) {
|
||||||
|
commit('clearToken')
|
||||||
|
}
|
||||||
|
|
||||||
if (response.status === 401) {
|
if (response.status === 401) {
|
||||||
reject(new Error('Wrong username or password'))
|
reject(new Error('Wrong username or password'))
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
Reference in New Issue
Block a user