Revoke all access tokens after password reset

silverpill 2022-11-15 16:09:11 +00:00
parent 445177d9a7
commit 9ad6bdf1c9
3 changed files with 20 additions and 0 deletions


@ -219,6 +219,12 @@ List generated invites:
mitractl list-invite-codes
```
Set or change password:
```
mitractl set-password <user-id> <password>
```
Delete profile:
```


@ -20,6 +20,7 @@ use crate::models::profiles::queries::{
get_profile_by_id,
get_profile_by_remote_actor_id,
};
use crate::models::oauth::queries::delete_oauth_tokens;
use crate::models::subscriptions::queries::reset_subscriptions;
use crate::models::users::queries::{
create_invite_code,
@ -140,6 +141,8 @@ impl SetPassword {
) -> Result<(), Error> {
let password_hash = hash_password(&self.password)?;
set_user_password(db_client, &self.id, password_hash).await?;
// Revoke all sessions
delete_oauth_tokens(db_client, &self.id).await?;
println!("password updated");
Ok(())
}
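Review bot: The password update and the token revocation in `SetPassword::execute` are two separately awaited statements, so if `delete_oauth_tokens` fails the new hash is already stored while the old access tokens remain valid, and the `?` returns before "password updated" is printed. Unless `db_client` is already a transaction at this point (not visible in the hunk), running both calls inside one transaction would make the reset all-or-nothing. The comment could also say what is actually removed, e.g. `// Revoke all OAuth access tokens so existing sessions must log in again`. The function's signature starts outside the hunk.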


@ -53,6 +53,17 @@ pub async fn delete_oauth_token(
Ok(())
}
pub async fn delete_oauth_tokens(
db_client: &impl GenericClient,
owner_id: &Uuid,
) -> Result<(), DatabaseError> {
db_client.execute(
"DELETE FROM oauth_token WHERE owner_id = $1",
&[&owner_id],
).await?;
Ok(())
}
pub async fn get_user_by_oauth_token(
db_client: &impl GenericClient,
access_token: &str,
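Review bot: `delete_oauth_tokens` has no doc comment and drops the row count that `execute` returns, so the caller cannot report or log how many tokens were revoked. A short doc line such as `/// Deletes every OAuth token owned by owner_id; matching zero rows is not an error.` would state the contract. If an audit trail is wanted, returning the count would let `set-password` print it, at the cost of a signature change the caller in this commit would have to absorb. Only the CLI path is wired to this function in the visible changes, so any other password-change path, if one exists, would need the same call.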