saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-07-24 13:00:39 +00:00
Code Activity

Stop rolling device token

Browse source
This commit is contained in:
Timshel 2024-04-15 16:06:18 +02:00
commit 524d65e772
2 changed files with 1 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/auth.rs
View file

@ -1112,8 +1112,7 @@ pub async fn refresh_tokens(refresh_token: &str, conn: &mut DbConn) -> ApiResult
Some(device) => device, Some(device) => device,
}; };
// Roll the Device.refresh_token this way it invalides old JWT refresh_token // Save to update `updated_at`.
device.roll_refresh_token();
device.save(conn).await?; device.save(conn).await?;
let user = match User::find_by_uuid(&device.user_uuid, conn).await { let user = match User::find_by_uuid(&device.user_uuid, conn).await {

4
src/db/models/device.rs
View file

@ -48,10 +48,6 @@ impl Device {
} }
} }
pub fn roll_refresh_token(&mut self) {
self.refresh_token = crypto::encode_random_bytes::<64>(BASE64URL)
}
pub fn refresh_twofactor_remember(&mut self) -> String { pub fn refresh_twofactor_remember(&mut self) -> String {
let twofactor_remember = crypto::encode_random_bytes::<180>(BASE64); let twofactor_remember = crypto::encode_random_bytes::<180>(BASE64);
self.twofactor_remember = Some(twofactor_remember.clone()); self.twofactor_remember = Some(twofactor_remember.clone());