From 01cebcfcec86d99f70e46c396aff87667bb7db58 Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Thu, 5 Oct 2023 20:05:08 +0200
Subject: [PATCH] only consider non expired tokens

Signed-off-by: Jens Langhammer
---
 authentik/stages/authenticator_mobile/api/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authentik/stages/authenticator_mobile/api/auth.py b/authentik/stages/authenticator_mobile/api/auth.py
index 9c88d4973..31c82cbc6 100644
--- a/authentik/stages/authenticator_mobile/api/auth.py
+++ b/authentik/stages/authenticator_mobile/api/auth.py
@@ -18,7 +18,7 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
 """Token-based authentication using HTTP Bearer authentication"""
 auth = get_authorization_header(request)
 raw_token = validate_auth(auth)
- device_token: MobileDeviceToken = MobileDeviceToken.objects.filter(token=raw_token).first()
+ device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
 if not device_token:
 return None
 CTX_AUTH_VIA.set("mobile_token")
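Review bot: The changed lookup line is the only place this authentication path enforces token expiry, and the patch touches one file with no regression test, so nothing pins that an expired `MobileDeviceToken` is rejected. I would add a test that creates a token whose expiry is in the past, presents it as the Bearer value and asserts the authenticator returns `None`, plus a second case with a valid token so the filter cannot silently reject everything. Since `.first()` can return `None` (the next line checks for it), the annotation would be more accurate as `device_token: Optional[MobileDeviceToken] = ...`. The definition of `filter_not_expired` is not in this hunk, so how it treats non-expiring tokens and whether it has side effects on the request path should be confirmed there; the enclosing method also starts and ends outside the hunk.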