Self-Hosted
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Stop rolling device token

Browse Source
pull/3899/head
Timshel 9 months ago
parent a69f0c7df8
commit 29b37ff195
2 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File

3
src/auth.rs
Unescape View File

@ -1112,8 +1112,7 @@ pub async fn refresh_tokens(refresh_token: &str, conn: &mut DbConn) -> ApiResult
Some(device) => device, Some(device) => device,
}; };
// Roll the Device.refresh_token this way it invalides old JWT refresh_token // Save to update `updated_at`.
device.roll_refresh_token();
device.save(conn).await?; device.save(conn).await?;
let user = match User::find_by_uuid(&device.user_uuid, conn).await { let user = match User::find_by_uuid(&device.user_uuid, conn).await {

4
src/db/models/device.rs
Unescape View File

@ -48,10 +48,6 @@ impl Device {
} }
} }
pub fn roll_refresh_token(&mut self) {
self.refresh_token = crypto::encode_random_bytes::<64>(BASE64URL)
}
pub fn refresh_twofactor_remember(&mut self) -> String { pub fn refresh_twofactor_remember(&mut self) -> String {
let twofactor_remember = crypto::encode_random_bytes::<180>(BASE64); let twofactor_remember = crypto::encode_random_bytes::<180>(BASE64);
self.twofactor_remember = Some(twofactor_remember.clone()); self.twofactor_remember = Some(twofactor_remember.clone());

Write Preview
Loading…
Cancel
Save