Fix OAuth2 token lingering after revocation

This commit is contained in:
Alexander Tumin 2023-08-14 16:21:43 +03:00
parent a1641193b5
commit ac78f80194
2 changed files with 7 additions and 0 deletions

View File

@ -0,0 +1 @@
Fix OAuth2 token lingering after revocation

View File

@ -651,6 +651,12 @@ const users = {
const response = data.error const response = data.error
// Authentication failed // Authentication failed
commit('endLogin') commit('endLogin')
// remove authentication token on client/authentication errors
if ([400, 401, 403, 422].includes(response.status)) {
commit('clearToken')
}
if (response.status === 401) { if (response.status === 401) {
reject(new Error('Wrong username or password')) reject(new Error('Wrong username or password'))
} else { } else {