Prevent IToken use-after-free in AuthenticationService

PlanetBunkum · Oct 18, 2023 · 6e10946 · 6e10946
1 parent 4ee432a
commit 6e10946
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/Bunkum.Core/Services/AuthenticationService.cs b/Bunkum.Core/Services/AuthenticationService.cs
@@ -68,9 +68,14 @@ public override void Initialize()
             IToken<IUser>? token = this.AuthenticateToken(context, database);
             if (token != null) return token.User;
         }
+
+        return null;
+    }
 
+    /// <inheritdoc />
+    public override void AfterRequestHandled(ListenerContext context, Response response, MethodInfo method, Lazy<IDatabaseContext> database)
+    {
         this._tokenCache.Value = null;
-        return null;
     }
 
     public IToken<IUser>? AuthenticateToken(ListenerContext context, Lazy<IDatabaseContext> database, bool remove = false)