Fix OAuth2 token lingering after revocation
This commit is contained in:
parent
a1641193b5
commit
ac78f80194
1
changelog.d/oauth2-token-linger.fix
Normal file
1
changelog.d/oauth2-token-linger.fix
Normal file
@ -0,0 +1 @@
|
||||
Fix OAuth2 token lingering after revocation
|
@ -651,6 +651,12 @@ const users = {
|
||||
const response = data.error
|
||||
// Authentication failed
|
||||
commit('endLogin')
|
||||
|
||||
// remove authentication token on client/authentication errors
|
||||
if ([400, 401, 403, 422].includes(response.status)) {
|
||||
commit('clearToken')
|
||||
}
|
||||
|
||||
if (response.status === 401) {
|
||||
reject(new Error('Wrong username or password'))
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user