Properly revoke OAuth sessions when revoking all user sessions.

author: JoramWilander <jwawilander@gmail.com> 2015-09-24 08:02:01 -0400
committer: JoramWilander <jwawilander@gmail.com> 2015-09-28 14:39:36 -0400
commit: 10108bb54cc5cdc337c46fd56edd6448f82f8766 (patch)
tree: fdf6ce6c8b1aa26a9fd271fa96ebc700398741ee /api/user.go
parent: 00b5f604c995bd3faaf339766a58cd596d2ce005 (diff)
download: chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.tar.gz
chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.tar.bz2
chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/api/user.go b/api/user.go
index 695ab2208..9718d534e 100644
--- a/api/user.go
+++ b/api/user.go
@@ -466,10 +466,14 @@ func RevokeAllSession(c *Context, userId string) {
 
 		for _, session := range sessions {
 			c.LogAuditWithUserId(userId, "session_id="+session.Id)
-			sessionCache.Remove(session.Token)
-			if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil {
-				c.Err = result.Err
-				return
+			if session.IsOAuth {
+				RevokeAccessToken(session.Token)
+			} else {
+				sessionCache.Remove(session.Token)
+				if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil {
+					c.Err = result.Err
+					return
+				}
 			}
 		}
 	}
author	JoramWilander <jwawilander@gmail.com>	2015-09-24 08:02:01 -0400
committer	JoramWilander <jwawilander@gmail.com>	2015-09-28 14:39:36 -0400
commit	10108bb54cc5cdc337c46fd56edd6448f82f8766 (patch)
tree	fdf6ce6c8b1aa26a9fd271fa96ebc700398741ee /api/user.go
parent	00b5f604c995bd3faaf339766a58cd596d2ce005 (diff)
download	chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.tar.gz chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.tar.bz2 chat-10108bb54cc5cdc337c46fd56edd6448f82f8766.zip