moon
/
soapbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

auth: delete the bunker private key when an access token is revoked

This commit is contained in:
Alex Gleason 2024-10-30 12:20:52 -05:00
parent 335f8eae6c
commit bee7673085
No known key found for this signature in database
GPG Key ID: 7211D1F99744FBB7
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/reducers/auth.ts
View File

@ -123,15 +123,15 @@ function importCredentials(auth: SoapboxAuth, accessToken: string, account: Acco
function revokeNostr(accessToken: string): void { function revokeNostr(accessToken: string): void {
const { connections, revoke } = useBunkerStore.getState(); const { connections, revoke } = useBunkerStore.getState();
/** User pubkey from token. */ for (const conn of connections) {
const pubkey = connections.find((conn) => conn.accessToken === accessToken)?.pubkey; if (conn.accessToken === accessToken) {
// Revoke the Bunker connection. // Revoke the Bunker connection.
revoke(accessToken); revoke(accessToken);
// Revoke the user's private key.
// Revoke the private key, if it exists. keyring.delete(conn.pubkey);
if (pubkey) { // Revoke the bunker's private key.
keyring.delete(pubkey); keyring.delete(conn.bunkerPubkey);
}
} }
} }