Browse Source

Whoops, only revoke the current user's Micropub tokens for a client, not every single token for that client

pull/1/head
Danielle McLean 3 years ago
parent
commit
35ced9a451
Signed by: 00dani GPG Key ID: 8EB789DDF3ABD240
  1. 4
      lemonauth/views/tokens/revoke.py

4
lemonauth/views/tokens/revoke.py

@ -2,10 +2,8 @@ from django.http import HttpResponse
from django.contrib.auth.mixins import LoginRequiredMixin
from django.views import View
from ...models import Token
class TokensRevokeView(LoginRequiredMixin, View):
def delete(self, request, client_id: str):
Token.objects.filter(client_id=client_id).delete()
request.user.token_set.filter(client_id=client_id).delete()
return HttpResponse(status=204)

Loading…
Cancel
Save