realaravinth/forgejo-federation
1
0
Fork 0
Code Issues Pull requests 6 Packages Projects Releases Wiki Activity

Revert "Unify password changing and invalidate auth tokens (#27625)"

Browse source 
This reverts commit 688d4a1f71.
This commit is contained in:
Earl Warren 2024-02-05 14:43:35 +01:00
parent 80cf92bf1f
commit 1951c51c8e
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 0579CB2928A78A00
3 changed files with 1 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
models/auth/auth_token.go
View file

@ -54,11 +54,6 @@ func DeleteAuthTokenByID(ctx context.Context, id string) error {
return err
}
func DeleteAuthTokensByUserID(ctx context.Context, uid int64) error {
_, err := db.GetEngine(ctx).Where(builder.Eq{"user_id": uid}).Delete(&AuthToken{})
return err
}
func DeleteExpiredAuthTokens(ctx context.Context) error {
_, err := db.GetEngine(ctx).Where(builder.Lt{"expires_unix": timeutil.TimeStampNow()}).Delete(&AuthToken{})
return err

4
services/user/delete.go
View file

@ -187,10 +187,6 @@ func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error)
}
// ***** END: ExternalLoginUser *****
if err := auth_model.DeleteAuthTokensByUserID(ctx, u.ID); err != nil {
return fmt.Errorf("DeleteAuthTokensByUserID: %w", err)
}
if _, err = db.DeleteByID[user_model.User](ctx, u.ID); err != nil {
return fmt.Errorf("delete: %w", err)
}

12
services/user/update.go
View file

@ -183,7 +183,6 @@ func UpdateAuth(ctx context.Context, u *user_model.User, opts *UpdateAuthOptions
u.LoginName = opts.LoginName.Value()
}
deleteAuthTokens := false
if opts.Password.Has() && (u.IsLocal() || u.IsOAuth2()) {
password := opts.Password.Value()
@ -200,8 +199,6 @@ func UpdateAuth(ctx context.Context, u *user_model.User, opts *UpdateAuthOptions
if err := u.SetPassword(password); err != nil {
return err
}
deleteAuthTokens = true
}
if opts.MustChangePassword.Has() {
@ -211,12 +208,5 @@ func UpdateAuth(ctx context.Context, u *user_model.User, opts *UpdateAuthOptions
u.ProhibitLogin = opts.ProhibitLogin.Value()
}
if err := user_model.UpdateUserCols(ctx, u, "login_type", "login_source", "login_name", "passwd", "passwd_hash_algo", "salt", "must_change_password", "prohibit_login"); err != nil {
return err
}
if deleteAuthTokens {
return auth_model.DeleteAuthTokensByUserID(ctx, u.ID)
}
return nil
return user_model.UpdateUserCols(ctx, u, "login_type", "login_source", "login_name", "passwd", "passwd_hash_algo", "salt", "must_change_password", "prohibit_login")
}