Check if user is authorized to access an application before authenticating him

2022-04-09 12:24:03 +02:00
parent b10215ae9c
commit 5633aae029
2 changed files with 6 additions and 2 deletions
--- a/src/actors/openid_sessions_actor.rs
+++ b/src/actors/openid_sessions_actor.rs
@ -28,7 +28,7 @@ pub struct Session {

 impl Session {
    pub fn is_expired(&self) -> bool {
-        self.code_expire_on < time() || self.token_expire_at < time()
+        self.code_expire_on < time() && self.token_expire_at < time()
    }
 }