From bd8ef848620af1bc651990ee34471b036288f206 Mon Sep 17 00:00:00 2001 From: colcrunch Date: Mon, 11 Dec 2023 18:13:24 -0500 Subject: [PATCH] Delete tokens that can not be used for logins. --- allianceauth/authentication/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/allianceauth/authentication/views.py b/allianceauth/authentication/views.py index 15c746c7..2a06f11c 100644 --- a/allianceauth/authentication/views.py +++ b/allianceauth/authentication/views.py @@ -172,6 +172,8 @@ def sso_login(request, token): # Go to Step 2 return redirect('registration_register') messages.error(request, _('Unable to authenticate as the selected character.')) + # Logging in with an alt is not allowed due to security concerns. + token.delete() return redirect(settings.LOGIN_URL)