From e3dee76bbe0dcaad1042b4ca4b7861f5a6e1f82a Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Mar 06 2017 19:18:42 +0000
Subject: Do not update the expiration date of an expired API token


---

diff --git a/pagure/ui/repo.py b/pagure/ui/repo.py
index a6e0ee5..f2bb386 100644
--- a/pagure/ui/repo.py
+++ b/pagure/ui/repo.py
@@ -2133,7 +2133,9 @@ def revoke_api_token(repo, token_id, username=None, namespace=None):
 
     if form.validate_on_submit():
         try:
-            token.expiration = datetime.datetime.utcnow()
+            if token.expiration >= datetime.datetime.utcnow():
+                token.expiration = datetime.datetime.utcnow()
+                SESSION.add(token)
             SESSION.commit()
             flask.flash('Token revoked')
         except SQLAlchemyError as err:  # pragma: no cover