invalidate token

This commit is contained in:
Roman Hergenreder 2020-06-29 16:50:36 +02:00
parent 284ea6f9bb
commit ce82eb0231

@ -115,6 +115,14 @@ namespace Api {
return $this->success; return $this->success;
} }
protected function invalidateToken($token) {
$this->user->getSQL()
->update("UserToken")
->set("used", true)
->where(new Compare("token", $token))
->execute();
}
} }
} }
@ -544,14 +552,7 @@ namespace Api\User {
} else if (!$this->updateUser($result["user"]["uid"])) { } else if (!$this->updateUser($result["user"]["uid"])) {
return false; return false;
} else { } else {
$this->invalidateToken($token);
// Invalidate token
$this->user->getSQL()
->update("UserToken")
->set("used", true)
->where(new Compare("token", $token))
->execute();
return true; return true;
} }
} }
@ -1111,14 +1112,7 @@ namespace Api\User {
} else if (!$this->updateUser($result["user"]["uid"], $password)) { } else if (!$this->updateUser($result["user"]["uid"], $password)) {
return false; return false;
} else { } else {
$this->invalidateToken($token);
// Invalidate token
$this->user->getSQL()
->update("UserToken")
->set("used", true)
->where(new Compare("token", $token))
->execute();
return true; return true;
} }
} }