
Delete old devices when deauthorizing user sessions

Daniel García 6 years ago
parent
commit
6027b969f5
2 changed files with 2 additions and 0 deletions
  1. 1 0
      src/api/admin.rs
  2. 1 0
      src/api/core/accounts.rs

+ 1 - 0
src/api/admin.rs

@@ -171,6 +171,7 @@ fn deauth_user(uuid: String, _token: AdminToken, conn: DbConn) -> EmptyResult {
         None => err!("User doesn't exist"),
     };
 
+    Device::delete_all_by_user(&user.uuid, &conn)?;
     user.reset_security_stamp();
 
     user.save(&conn)
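Review bot: The added `Device::delete_all_by_user(&user.uuid, &conn)?` and the following `user.save(&conn)` are two separate writes, so a failure in either leaves the account half-deauthorized: if the delete errors, `?` returns before `reset_security_stamp()` runs and nothing is revoked, and if the save errors, the devices are gone but the old security stamp is still stored. On a revocation path this matters because the caller sees an error while some credentials may still be usable. If `DbConn` offers a transaction, both calls should run inside it; otherwise a comment such as `// Not atomic: a failed delete leaves the old security stamp in place; retry until both succeed` would at least record the behaviour. The same pair of calls is added to `post_sstamp` in src/api/core/accounts.rs. `deauth_user` begins and ends outside this hunk.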

+ 1 - 0
src/api/core/accounts.rs

@@ -322,6 +322,7 @@ fn post_sstamp(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -
         err!("Invalid password")
     }
 
+    Device::delete_all_by_user(&user.uuid, &conn)?;
     user.reset_security_stamp();
     user.save(&conn)
 }