From 6e109464ed9255f558182f001f475a378405ff76 Mon Sep 17 00:00:00 2001
From: jvyden <jvyden@jvyden.xyz>
Date: Wed, 18 Oct 2023 15:56:15 -0400
Subject: [PATCH] Prevent IToken use-after-free in AuthenticationService

---
 Bunkum.Core/Services/AuthenticationService.cs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/Bunkum.Core/Services/AuthenticationService.cs b/Bunkum.Core/Services/AuthenticationService.cs
index 6a2a0eb..e950e89 100644
--- a/Bunkum.Core/Services/AuthenticationService.cs
+++ b/Bunkum.Core/Services/AuthenticationService.cs
@@ -68,9 +68,14 @@ public override void Initialize()
             IToken<IUser>? token = this.AuthenticateToken(context, database);
             if (token != null) return token.User;
         }
+        
+        return null;
+    }
 
+    /// <inheritdoc />
+    public override void AfterRequestHandled(ListenerContext context, Response response, MethodInfo method, Lazy<IDatabaseContext> database)
+    {
         this._tokenCache.Value = null;
-        return null;
     }
 
     public IToken<IUser>? AuthenticateToken(ListenerContext context, Lazy<IDatabaseContext> database, bool remove = false)