topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Roll the refresh_token

pull/4364/head
Timshel 1 year ago
committed by Jacques B
parent
1e42755187
commit
fa3da1bddb
1 changed files with 3 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      src/db/models/device.rs

8
src/db/models/device.rs
View File

@ -1,4 +1,5 @@
use chrono::{NaiveDateTime, Utc};
use data_encoding::BASE64URL;
use crate::{crypto, CONFIG};
use core::fmt;
@ -60,11 +61,8 @@ impl Device {
}
pub fn refresh_tokens(&mut self, user: &super::User, scope: Vec<String>) -> (String, i64) {
// If there is no refresh token, we create one
if self.refresh_token.is_empty() {
use data_encoding::BASE64URL;
self.refresh_token = crypto::encode_random_bytes::<64>(BASE64URL);
}
// Roll the refresh_token to prevent reuse
self.refresh_token = crypto::encode_random_bytes::<64>(BASE64URL);
// Update the expiration of the device and the last update date
let time_now = Utc::now();

Write Preview
Loading…
Cancel
Save