moon
/
soapbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

auth: delete the bunker private key when an access token is revoked

This commit is contained in:
Alex Gleason 2024-10-30 12:20:52 -05:00
parent 335f8eae6c
commit bee7673085
No known key found for this signature in database
GPG Key ID: 7211D1F99744FBB7
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/reducers/auth.ts
View File

@ -123,15 +123,15 @@ function importCredentials(auth: SoapboxAuth, accessToken: string, account: Acco
function revokeNostr(accessToken: string): void {
const { connections, revoke } = useBunkerStore.getState();
/** User pubkey from token. */
const pubkey = connections.find((conn) => conn.accessToken === accessToken)?.pubkey;
// Revoke the Bunker connection.
revoke(accessToken);
// Revoke the private key, if it exists.
if (pubkey) {
keyring.delete(pubkey);
for (const conn of connections) {
if (conn.accessToken === accessToken) {
// Revoke the Bunker connection.
revoke(accessToken);
// Revoke the user's private key.
keyring.delete(conn.pubkey);
// Revoke the bunker's private key.
keyring.delete(conn.bunkerPubkey);
}
}
}