From 1a3b60c60a11fbb71ec0544c002e549b2dae0740 Mon Sep 17 00:00:00 2001
From: Mika Specht <mikspecht@yahoo.de>
Date: Wed, 22 May 2024 19:43:48 +0200
Subject: [PATCH] Fix unauthorized on index-site for invalid(outdated) tokens

---
 src/session.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/session.rs b/src/session.rs
index 87700fa..d4029a8 100644
--- a/src/session.rs
+++ b/src/session.rs
@@ -59,7 +59,10 @@ impl<'a> FromRequest<'a> for Session {
 		unsafe {
 			if !SESSIONS.contains_key(&token) {
 				println!("Invalid Token: {:?},", token);
-				Outcome::Error((Status::Unauthorized, "Invalid Token"))
+				//remove the invalid token
+				req.cookies().remove_private("session-token");
+				// We forward so there can be not-logged in paths
+				return Outcome::Forward(Status::Unauthorized);
 			} else {
 				Outcome::Success(Session { token })
 			}
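Review bot: Returning `Outcome::Forward(Status::Unauthorized)` for an unknown token turns a hard rejection into a fall-through, so every route guarded by `Session` is now protected only as long as no lower-ranked route on the same path omits the guard. If the goal is only to let the index page render for logged-out visitors, consider keeping `Outcome::Error((Status::Unauthorized, "Invalid Token"))` after the `remove_private` call and having that one handler take `Option<Session>`. The unchanged `println!` just above still writes the rejected token value to stdout; a fixed message such as `println!("Invalid session token");` would keep session identifiers out of logs. The `FromRequest` impl begins and ends outside this hunk, so how a missing cookie is handled, and whether the `unsafe` access to `SESSIONS` is synchronised, cannot be judged from here.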
-- 
GitLab