Skip to content

Commit

Permalink
no need to revoke other access tokens when a new one is issued
Browse files Browse the repository at this point in the history
  • Loading branch information
@taylorotwell
taylorotwell committed Oct 6, 2016
1 parent 8a5b956 commit b95791d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/Http/Controllers/AccessTokenController.php
View file
Expand Up @@ -70,7 +70,7 @@ public function issueToken(ServerRequestInterface $request)
$payload = json_decode($response->getBody()->__toString(), true);

if (isset($payload['access_token'])) {
$this->revokeOtherAccessTokens($payload);
// $this->revokeOtherAccessTokens($payload);
}

return $response;
Expand Down

5 comments on commit b95791d

@lukepolo
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this be configurable instead ? We need our tokens to be revoked if a new one is issued .

@dusterio
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is too intrusive of a change. Should be a configuration variable

@badawys
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i agree it should be configurable

@bhosie
Copy link
Contributor

@bhosie bhosie commented on b95791d Nov 2, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

submitted a related issue: #166

@etelford
Copy link
Contributor

@etelford etelford commented on b95791d Jan 13, 2017
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I handled letting this be configurable by passing a query param to the route and extending this with my own controller route. See here.

Please sign in to comment.