From ac78f801943f22c27cc6e7e9eac7ececb9fa2a5a Mon Sep 17 00:00:00 2001
From: Alexander Tumin <iamtakingiteasy@eientei.org>
Date: Mon, 14 Aug 2023 16:21:43 +0300
Subject: Fix OAuth2 token lingering after revocation

---
 src/modules/users.js | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src')

diff --git a/src/modules/users.js b/src/modules/users.js
index e976d875..50b4cb84 100644
--- a/src/modules/users.js
+++ b/src/modules/users.js
@@ -651,6 +651,12 @@ const users = {
               const response = data.error
               // Authentication failed
               commit('endLogin')
+
+              // remove authentication token on client/authentication errors
+              if ([400, 401, 403, 422].includes(response.status)) {
+                commit('clearToken')
+              }
+
               if (response.status === 401) {
                 reject(new Error('Wrong username or password'))
               } else {
-- 
cgit v1.2.3-70-g09d2