userpage: invalid refresh token on pw change

user has to log in again, although this is not strictly enforced, as the
standard token remains valid until its expiry.
user-page
Harvey Tindall 1 year ago
parent 97db4d714a
commit 6adbba54ce
No known key found for this signature in database
GPG Key ID: BBC65952848FB1A2

@ -603,20 +603,27 @@ func (app *appContext) ChangeMyPassword(gc *gin.Context) {
return
}
if app.config.Section("ombi").Key("enabled").MustBool(false) {
func() {
ombiUser, status, err := app.getOmbiUser(gc.GetString("jfId"))
if status != 200 || err != nil {
app.err.Printf("Failed to get user \"%s\" from ombi (%d): %v", user.Name, status, err)
respondBool(204, true, gc)
return
}
ombiUser["password"] = req.New
status, err = app.ombi.ModifyUser(ombiUser)
if status != 200 || err != nil {
app.err.Printf("Failed to set password for ombi user \"%s\" (%d): %v", ombiUser["userName"], status, err)
respondBool(204, true, gc)
return
}
app.debug.Printf("Reset password for ombi user \"%s\"", ombiUser["userName"])
}()
}
cookie, err := gc.Cookie("user-refresh")
if err == nil {
app.invalidTokens = append(app.invalidTokens, cookie)
gc.SetCookie("refresh", "invalid", -1, "/my", gc.Request.URL.Hostname(), true, true)
} else {
app.debug.Printf("Couldn't get cookies: %s", err)
}
respondBool(204, true, gc)
}

Loading…
Cancel
Save