From 7136ee924d7de9a362fd34ba4da89beaeb5854d6 Mon Sep 17 00:00:00 2001
From: Lakhan Samani
Date: Tue, 8 Mar 2022 19:18:33 +0530
Subject: [PATCH] fix: rotate refresh token
---
 server/handlers/token.go | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/server/handlers/token.go b/server/handlers/token.go
index aa34045..399f10d 100644
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@@ -143,6 +143,8 @@ func TokenHandler() gin.HandlerFunc {
 userID = claims["sub"].(string)
 roles = claims["roles"].([]string)
 scope = claims["scope"].([]string)
+ // remove older refresh token and rotate it for security
+ sessionstore.RemoveState(refreshToken)
 }
 user, err := db.Provider.GetUserByID(userID)
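Review bot: The added `sessionstore.RemoveState(refreshToken)` only prevents replay if this branch has already rejected refresh tokens that are no longer present in the session store. The hunk shows just the claims being read, and the enclosing block begins above it, so that lookup should be confirmed; if acceptance rests on signature and expiry alone, a rotated token that was copied earlier would still be honoured. The removal also runs before `db.Provider.GetUserByID(userID)` and, presumably, before the replacement token is stored, so a failure there would leave the client with no usable refresh token; moving the call to just after the new token is persisted would avoid that. I would reword the comment to state the invariant, e.g. `// invalidate the presented refresh token; a replayed token must fail the session-store check above`, and handle any error value `RemoveState` may return rather than dropping it.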