Oauth Token never expires
Closed this issue · 1 comments
GeorgeZhai commented
Hello
in oauth2-lookback.js line 50
models.accessTokens.find(accessToken, function(err, token) {
it only finds token, but TTL verification is not done here neither in the model.
And,
Looks like Oauth Token will not be cleaned up after expiration. If user don't create another process to remove them, Potentially it could eat all the free space in DB during the time
Thanks,
George
GeorgeZhai commented
Sorry, Looks like I was looking at an older version
closing the issue first