diff options
| -rw-r--r-- | changelog.d/oauth2-token-linger.fix | 1 | ||||
| -rw-r--r-- | src/modules/users.js | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/changelog.d/oauth2-token-linger.fix b/changelog.d/oauth2-token-linger.fix new file mode 100644 index 00000000..da4e4631 --- /dev/null +++ b/changelog.d/oauth2-token-linger.fix @@ -0,0 +1 @@ +Fix OAuth2 token lingering after revocation diff --git a/src/modules/users.js b/src/modules/users.js index e976d875..50b4cb84 100644 --- a/src/modules/users.js +++ b/src/modules/users.js @@ -651,6 +651,12 @@ const users = { const response = data.error // Authentication failed commit('endLogin') + + // remove authentication token on client/authentication errors + if ([400, 401, 403, 422].includes(response.status)) { + commit('clearToken') + } + if (response.status === 401) { reject(new Error('Wrong username or password')) } else { |