Merge 8473b20941 into 48e1a72ef3

2026-01-25 02:08:24 +00:00 · 2024-06-17 09:49:25 +02:00
parent 48e1a72ef3 8473b20941
commit f5058d8f4b
1 changed files with 5 additions and 0 deletions
--- a/lib/auth/index.js
+++ b/lib/auth/index.js
@@ -31,6 +31,11 @@ function makeStrategy(logger) {
              logger.info('jwt invalidated after logout');
              return done(null, false);
            }
+            /* Reject the request if we receive an old token */
+            if (result !== token) {
+              logger.info('jwt was invalidated after login by another session');
+              return done(null, false);
+            }
          } catch (error) {
            debug(err);
            logger.info({err}, 'Error checking redis for jwt');