fix: normal logout affects all sessions (#3571)

Previously all user tokens were deleted, which logouts from all sessions.
flarum · Feb 21, 2023 · 79a9b23 · 79a9b23
1 parent 33e2bd1
commit 79a9b23
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/framework/core/src/Forum/Controller/LogOutController.php b/framework/core/src/Forum/Controller/LogOutController.php
@@ -102,11 +102,12 @@ public function handle(Request $request): ResponseInterface
             return new HtmlResponse($view->render());
         }
 
+        $accessToken = $session->get('access_token');
         $response = new RedirectResponse($url);
 
         $this->authenticator->logOut($session);
 
-        $actor->accessTokens()->delete();
+        $actor->accessTokens()->where('token', $accessToken)->delete();
 
         $this->events->dispatch(new LoggedOut($actor, false));