oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(auth): invalidate access tokens on session revoke

Browse Source
This commit is contained in:
IanShaw027
2026-04-22 13:30:34 +08:00
parent 01a991f56f
commit 3d29f7c2fa
6 changed files with 90 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/internal/handler/auth_handler.go
View File

@@ -719,7 +719,7 @@ func (h *AuthHandler) RevokeAllSessions(c *gin.Context) {
return
}
if err := h.authService.RevokeAllUserSessions(c.Request.Context(), subject.UserID); err != nil {
if err := h.authService.RevokeAllUserTokens(c.Request.Context(), subject.UserID); err != nil {
slog.Error("failed to revoke all sessions", "user_id", subject.UserID, "error", err)
response.InternalError(c, "Failed to revoke sessions")
return