public/owltide
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Allow abandoning anonymous taken sessions

Browse source 
If an anonymous session is detected as taken the logic preventing the
session from being accidentally deleted would also prevent the user from
recovering from a taken anonymous session.
This commit is contained in:
Hornwitser 2025-07-08 15:53:58 +02:00
parent ebeedff5d0
commit f4e4dc9f11
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/api/auth/session.delete.ts
View file

@ -10,7 +10,7 @@ export default defineEventHandler(async (event) => {
if (session) {
const users = await readUsers();
const account = users.find(user => user.id === session.accountId);
if (account?.type === "anonymous") {
if (account?.type === "anonymous" && session.successor === undefined) {
throw createError({
status: 409,
message: "Cannot log out of an anonymous account",