Remove user secret key from encrypted session token (#652)

User secret key is not really need it to be stored inside the encrypted session key, since the `change-password` endpoint requires the user to provide the current `secret key` that password will be used to initialize a new minio client then we will leverage on the `SetUser` operation, this api only works with actual user credentials and not sts credentials
2021-03-18 10:27:27 -07:00
parent 3fcf278460
commit c48a024310
12 changed files with 13 additions and 47 deletions
--- a/models/principal.go
+++ b/models/principal.go
@@ -44,9 +44,6 @@ type Principal struct {
 	// account access key
 	AccountAccessKey string `json:"accountAccessKey,omitempty"`

-	// account secret key
-	AccountSecretKey string `json:"accountSecretKey,omitempty"`
-
 	// actions
 	Actions []string `json:"actions"`
 }