StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Attempt revocation of JWT access when changing a server's owner

Browse source 
closes #2771
This commit is contained in:
Dane Everitt 2020-12-06 12:16:12 -08:00
parent af360d49dd
commit 11054de5b3
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
3 changed files with 53 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/Http/Controllers/Api/Client/Servers/SubuserController.php
View file

@ -135,7 +135,7 @@ class SubuserController extends ClientApiController
]);
try {
$this->serverRepository->setServer($server)->revokeJTIs([md5($subuser->user_id . $server->uuid)]);
$this->serverRepository->setServer($server)->revokeUserJTI($subuser->user_id);
} catch (DaemonConnectionException $exception) {
// Don't block this request if we can't connect to the Wings instance. Chances are it is
// offline in this event and the token will be invalid anyways once Wings boots back.
@ -163,7 +163,7 @@ class SubuserController extends ClientApiController
$this->repository->delete($subuser->id);
try {
$this->serverRepository->setServer($server)->revokeJTIs([md5($subuser->user_id . $server->uuid)]);
$this->serverRepository->setServer($server)->revokeUserJTI($subuser->user_id);
} catch (DaemonConnectionException $exception) {
// Don't block this request if we can't connect to the Wings instance.
Log::warning($exception, ['user_id' => $subuser->user_id, 'server_id' => $server->id]);