Invalidate console session when minio user doesn't exists (#332)

2020-10-19 15:32:21 -07:00
parent e1fdf3fb28
commit f6ac7e047e
12 changed files with 28 additions and 37 deletions
--- a/restapi/configure_console.go
+++ b/restapi/configure_console.go
@@ -61,7 +61,7 @@ func configureAPI(api *operations.ConsoleAPI) http.Handler {
 	// Applies when the "x-token" header is set

 	api.KeyAuth = func(token string, scopes []string) (*models.Principal, error) {
-		// we are validating the jwt by decrypting the claims inside, if the operation succed that means the jwt
+		// we are validating the session token by decrypting the claims inside, if the operation succeed that means the jwt
 		// was generated and signed by us in the first place
 		claims, err := auth.SessionTokenAuthenticate(token)
 		if err != nil {