MirrorHub/bitwarden_rs
0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-06-10 07:58:58 +02:00
Code Issues Releases Wiki Activity

Delete old devices when deauthorizing user sessions

Browse source
This commit is contained in:
Daniel García 2019-02-16 23:06:26 +01:00
parent 93805a5d7b
commit 6027b969f5
No known key found for this signature in database
GPG key ID: FC8A7D14C3CD543A
2 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/api/admin.rs
View file

@ -171,6 +171,7 @@ fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
None => err!("User doesn't exist"),
};
Device::delete_all_by_user(&user.uuid, &conn)?;
user.reset_security_stamp();
user.save(&conn)

1
src/api/core/accounts.rs
View file

@ -322,6 +322,7 @@ fn post_sstamp(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -
err!("Invalid password")
}
Device::delete_all_by_user(&user.uuid, &conn)?;
user.reset_security_stamp();
user.save(&conn)
}