auth: delete the bunker private key when an access token is revoked

environments/review-update-vid-g70vyz/deployments/5013
Alex Gleason 2024-10-30 12:20:52 -05:00
rodzic 335f8eae6c
commit bee7673085
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 7211D1F99744FBB7
1 zmienionych plików z 9 dodań i 9 usunięć

Wyświetl plik

@ -123,15 +123,15 @@ function importCredentials(auth: SoapboxAuth, accessToken: string, account: Acco
function revokeNostr(accessToken: string): void {
const { connections, revoke } = useBunkerStore.getState();
/** User pubkey from token. */
const pubkey = connections.find((conn) => conn.accessToken === accessToken)?.pubkey;
for (const conn of connections) {
if (conn.accessToken === accessToken) {
// Revoke the Bunker connection.
revoke(accessToken);
// Revoke the private key, if it exists.
if (pubkey) {
keyring.delete(pubkey);
// Revoke the user's private key.
keyring.delete(conn.pubkey);
// Revoke the bunker's private key.
keyring.delete(conn.bunkerPubkey);
}
}
}