fix(auth): invalidate access tokens on session revoke

IanShaw027
2026-04-22 13:30:34 +08:00
parent 01a991f56f
commit 3d29f7c2fa
6 changed files with 90 additions and 19 deletions


@@ -593,11 +593,12 @@ func TestUserHandlerUnbindIdentityRevokesAllUserSessionsWhenAuthServiceConfigure
repo := &userHandlerRepoStub{
user: &service.User{
ID: 23,
Email: "identity@example.com",
Username: "identity-user",
Role: service.RoleUser,
Status: service.StatusActive,
ID: 23,
Email: "identity@example.com",
Username: "identity-user",
Role: service.RoleUser,
Status: service.StatusActive,
TokenVersion: 4,
},
identities: []service.UserAuthIdentityRecord{
{
@@ -632,6 +633,7 @@ func TestUserHandlerUnbindIdentityRevokesAllUserSessionsWhenAuthServiceConfigure
require.Equal(t, http.StatusOK, recorder.Code)
require.Equal(t, []int64{23}, refreshTokenCache.revokedUserIDs)
require.Equal(t, int64(5), repo.user.TokenVersion)
}
func TestUserHandlerBindEmailIdentityRejectsWrongCurrentPasswordForBoundEmail(t *testing.T) {