From 6adbba54cebdfaedebe5376649febc3467029d8b Mon Sep 17 00:00:00 2001 From: Harvey Tindall Date: Thu, 22 Jun 2023 20:58:56 +0100 Subject: [PATCH] userpage: invalid refresh token on pw change user has to log in again, although this is not strictly enforced, as the standard token remains valid until its expiry. --- api-userpage.go | 35 +++++++++++++++++++++-------------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/api-userpage.go b/api-userpage.go index 413f8cf..7996157 100644 --- a/api-userpage.go +++ b/api-userpage.go @@ -603,20 +603,27 @@ func (app *appContext) ChangeMyPassword(gc *gin.Context) { return } if app.config.Section("ombi").Key("enabled").MustBool(false) { - ombiUser, status, err := app.getOmbiUser(gc.GetString("jfId")) - if status != 200 || err != nil { - app.err.Printf("Failed to get user \"%s\" from ombi (%d): %v", user.Name, status, err) - respondBool(204, true, gc) - return - } - ombiUser["password"] = req.New - status, err = app.ombi.ModifyUser(ombiUser) - if status != 200 || err != nil { - app.err.Printf("Failed to set password for ombi user \"%s\" (%d): %v", ombiUser["userName"], status, err) - respondBool(204, true, gc) - return - } - app.debug.Printf("Reset password for ombi user \"%s\"", ombiUser["userName"]) + func() { + ombiUser, status, err := app.getOmbiUser(gc.GetString("jfId")) + if status != 200 || err != nil { + app.err.Printf("Failed to get user \"%s\" from ombi (%d): %v", user.Name, status, err) + return + } + ombiUser["password"] = req.New + status, err = app.ombi.ModifyUser(ombiUser) + if status != 200 || err != nil { + app.err.Printf("Failed to set password for ombi user \"%s\" (%d): %v", ombiUser["userName"], status, err) + return + } + app.debug.Printf("Reset password for ombi user \"%s\"", ombiUser["userName"]) + }() + } + cookie, err := gc.Cookie("user-refresh") + if err == nil { + app.invalidTokens = append(app.invalidTokens, cookie) + gc.SetCookie("refresh", "invalid", -1, "/my", gc.Request.URL.Hostname(), true, true) + } else { + app.debug.Printf("Couldn't get cookies: %s", err) } respondBool(204, true, gc) }