z1glr/golunteer
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

added persisting tokenID after password changes on changing session

Browse Source
This commit is contained in:
z1glr
2025-01-11 17:31:18 +00:00
parent b8ede7ef36
commit 4f86dce569
5 changed files with 48 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/pkg/router/user.go
View File

@@ -51,10 +51,24 @@ func patchPassword(args HandlerArgs) responseMessage {
response.Status = fiber.StatusBadRequest
logger.Info().Msgf("invalid body: %v", err)
} else if err := users.ChangePassword(body); err != nil {
} else if tokenID, err := users.ChangePassword(body); err != nil {
response.Status = fiber.StatusInternalServerError
logger.Error().Msgf("can't update password: %v", err)
// sign a new JWT with the new tokenID
} else if jwt, err := config.SignJWT(JWTPayload{
UserName: body.UserName,
TokenID: tokenID,
// if something failed, remove the current session-cookie
}); err != nil {
removeSessionCookie(args.C)
// set the new session-cookie
} else {
// update the token in the session-cookie
setSessionCookie(args.C, &jwt)
}
}