joelmeister
commented
8 years ago You can test this out by just changing the token cookie in a cookie editor so it doesn't match what's in the db. I'm using the "EditThisCookie" chrome extension
Closed joelmeister closed 8 years ago
joelmeister
commented
8 years ago You can test this out by just changing the token cookie in a cookie editor so it doesn't match what's in the db. I'm using the "EditThisCookie" chrome extension
c-topherl
commented
8 years ago Fixed-good catch.
When a token is expired, it's not possible to log back in. If the initial verification with the cookie fails it should probably clear the token cookie out.