From 35ced9a45108f7531770037e1324d411f8d541f8 Mon Sep 17 00:00:00 2001
From: Danielle McLean <dani@00dani.me>
Date: Thu, 28 Jun 2018 08:38:55 +1000
Subject: [PATCH] Whoops, only revoke the current user's Micropub tokens for a
 client, not every single token for that client

---
 lemonauth/views/tokens/revoke.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lemonauth/views/tokens/revoke.py b/lemonauth/views/tokens/revoke.py
index e581b4a..7b99cbb 100644
--- a/lemonauth/views/tokens/revoke.py
+++ b/lemonauth/views/tokens/revoke.py
@@ -2,10 +2,8 @@ from django.http import HttpResponse
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.views import View
 
-from ...models import Token
-
 
 class TokensRevokeView(LoginRequiredMixin, View):
     def delete(self, request, client_id: str):
-        Token.objects.filter(client_id=client_id).delete()
+        request.user.token_set.filter(client_id=client_id).delete()
         return HttpResponse(status=204)