Remove token from cache before returning responses in RoleService

LittleBigRefresh · Jul 28, 2024 · cd11eac · cd11eac
1 parent 91b9a43
commit cd11eac
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/Refresh.GameServer/Services/RoleService.cs b/Refresh.GameServer/Services/RoleService.cs
@@ -40,11 +40,17 @@ internal RoleService(AuthenticationService authService, GameServerConfig config,
 
         // if the user's role is lower than the minimum role for this endpoint, then return unauthorized
         if (user.Role < minimumRole)
+        {
+            this._authService.RemoveTokenFromCache();
             return Unauthorized;
+        }
 
         RequireEmailVerifiedAttribute? emailAttrib = method.GetCustomAttribute<RequireEmailVerifiedAttribute>();
         if (emailAttrib != null && !user.EmailAddressVerified)
+        {
+            this._authService.RemoveTokenFromCache();
             return Unauthorized;
+        }
 
         return null;
     }
@@ -59,7 +65,11 @@ internal RoleService(AuthenticationService authService, GameServerConfig config,
 
         // If user isn't an admin, then stop the request here, ignoring all
         if (user.Role != GameUserRole.Admin)
+        {
+            this._authService.RemoveTokenFromCache();
             return Forbidden;
+        }
+
 
         return null;
     }