Server: when we remove a user, remove the oauthtokens too

diff --git a/server/models/oauth-token.js b/server/models/oauth-token.js
index f6a814c36fc37989c714c4076ed809b1e6e0048e..d53fdcf31fd336a970a722582d7c1577dc11a98b 100644 (file)
--- a/server/models/oauth-token.js
+++ b/server/models/oauth-token.js
@@ -20,7 +20,8 @@ OAuthTokenSchema.path('user').required(true)
 OAuthTokenSchema.statics = {
   getByRefreshTokenAndPopulateClient: getByRefreshTokenAndPopulateClient,
   getByTokenAndPopulateUser: getByTokenAndPopulateUser,
-  getByRefreshToken: getByRefreshToken
+  getByRefreshToken: getByRefreshToken,
+  removeByUserId: removeByUserId
 }
 
 mongoose.model('OAuthToken', OAuthTokenSchema)
@@ -53,3 +54,7 @@ function getByTokenAndPopulateUser (bearerToken) {
 function getByRefreshToken (refreshToken) {
   return this.findOne({ refreshToken: refreshToken }).exec()
 }
+
+function removeByUserId (userId, callback) {
+  return this.remove({ user: userId }, callback)
+}

diff --git a/server/models/user.js b/server/models/user.js
index c2c8807f0830da9452ea66c97231199115c7af41..91e8aeae1c93fa26aaae2fa4fa65692f55c8def6 100644 (file)
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -4,6 +4,8 @@ const customUsersValidators = require('../helpers/custom-validators').users
 const modelUtils = require('./utils')
 const peertubeCrypto = require('../helpers/peertube-crypto')
 
+const OAuthToken = mongoose.model('OAuthToken')
+
 // ---------------------------------------------------------------------------
 
 const UserSchema = mongoose.Schema({
@@ -46,6 +48,12 @@ UserSchema.pre('save', function (next) {
   })
 })
 
+UserSchema.pre('remove', function (next) {
+  const user = this
+
+  OAuthToken.removeByUserId(user._id, next)
+})
+
 mongoose.model('User', UserSchema)
 
 // ------------------------------ METHODS ------------------------------