about summary refs log tree commit diff
path: root/Tests
diff options
context:
space:
mode:
authorEmma [it/its]@Rory& <root@rory.gay>2024-04-05 18:58:32 +0200
committerEmma [it/its]@Rory& <root@rory.gay>2024-04-05 18:58:32 +0200
commit37b97d65c0a5262539a5de560e911048166b8bba (patch)
treef704a9c703b0ec47122a460576e151e0cb06fdc6 /Tests
parentFix merge conficts between machines (diff)
downloadLibMatrix-37b97d65c0a5262539a5de560e911048166b8bba.tar.xz
Fix homeserver resolution, rewrite homeserver initialisation, HSE work
Diffstat (limited to 'Tests')
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/AuthController.cs116
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/LegacyController.cs2
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Media/MediaController.cs99
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomAccountDataController.cs78
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomMembersController.cs53
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomStateController.cs31
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomTimelineController.cs292
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomsController.cs6
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/SyncController.cs270
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/ThirdParty/ThirdPartyController.cs25
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Users/AccountDataController.cs147
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Users/FilterController.cs12
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/Users/UserController.cs18
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Controllers/VersionsController.cs186
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Extensions/EventExtensions.cs8
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/LibMatrix.HomeserverEmulator.csproj52
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Program.cs216
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Services/MediaStore.cs65
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Services/PaginationTokenResolverService.cs54
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Services/RoomStore.cs85
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Services/TokenService.cs9
-rw-r--r--Tests/LibMatrix.HomeserverEmulator/Services/UserStore.cs60
22 files changed, 1341 insertions, 543 deletions
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/AuthController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/AuthController.cs
index da56ec4..66548e2 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/AuthController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/AuthController.cs
@@ -1,49 +1,69 @@
-using System.Text.Json.Nodes;

-using LibMatrix.HomeserverEmulator.Services;

-using LibMatrix.Responses;

-using LibMatrix.Services;

-using Microsoft.AspNetCore.Mvc;

-

-namespace LibMatrix.HomeserverEmulator.Controllers;

-

-[ApiController]

-[Route("/_matrix/client/{version}/")]

-public class AuthController(ILogger<AuthController> logger, UserStore userStore, TokenService tokenService) : ControllerBase {

-    [HttpPost("login")]

-    public async Task<LoginResponse> Login(LoginRequest request) {

-        if(!request.Identifier.User.StartsWith('@'))

-            request.Identifier.User = $"@{request.Identifier.User}:{tokenService.GenerateServerName(HttpContext)}";

-        if(request.Identifier.User.EndsWith("localhost"))

-            request.Identifier.User = request.Identifier.User.Replace("localhost", tokenService.GenerateServerName(HttpContext));

-        

-        var user = await userStore.GetUserById(request.Identifier.User);

-        if(user is null) {

-            user = await userStore.CreateUser(request.Identifier.User);

-        }

-

-        return user.Login();

-    }

-

-    [HttpGet("login")]

-    public async Task<LoginFlowsResponse> GetLoginFlows() {

-        return new LoginFlowsResponse {

-            Flows = ((string[]) [

-                "m.login.password",

-                "m.login.recaptcha",

-                "m.login.sso",

-                "m.login.email.identity",

-                "m.login.msisdn",

-                "m.login.dummy",

-                "m.login.registration_token",

-            ]).Select(x => new LoginFlowsResponse.LoginFlow { Type = x }).ToList()

-        };

-    }

-}

-

-public class LoginFlowsResponse {

-    public required List<LoginFlow> Flows { get; set; }

-

-    public class LoginFlow {

-        public required string Type { get; set; }

-    }

+using System.Text.Json.Nodes;
+using LibMatrix.HomeserverEmulator.Services;
+using LibMatrix.Responses;
+using LibMatrix.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace LibMatrix.HomeserverEmulator.Controllers;
+
+[ApiController]
+[Route("/_matrix/client/{version}/")]
+public class AuthController(ILogger<AuthController> logger, UserStore userStore, TokenService tokenService) : ControllerBase {
+    [HttpPost("login")]
+    public async Task<LoginResponse> Login(LoginRequest request) {
+        if (!request.Identifier.User.StartsWith('@'))
+            request.Identifier.User = $"@{request.Identifier.User}:{tokenService.GenerateServerName(HttpContext)}";
+        if (request.Identifier.User.EndsWith("localhost"))
+            request.Identifier.User = request.Identifier.User.Replace("localhost", tokenService.GenerateServerName(HttpContext));
+
+        var user = await userStore.GetUserById(request.Identifier.User);
+        if (user is null) {
+            user = await userStore.CreateUser(request.Identifier.User);
+        }
+
+        return user.Login();
+    }
+
+    [HttpGet("login")]
+    public async Task<LoginFlowsResponse> GetLoginFlows() {
+        return new LoginFlowsResponse {
+            Flows = ((string[]) [
+                "m.login.password",
+                "m.login.recaptcha",
+                "m.login.sso",
+                "m.login.email.identity",
+                "m.login.msisdn",
+                "m.login.dummy",
+                "m.login.registration_token",
+            ]).Select(x => new LoginFlowsResponse.LoginFlow { Type = x }).ToList()
+        };
+    }
+
+    [HttpPost("logout")]
+    public async Task<object> Logout() {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token);
+        if (user == null)
+            throw new MatrixException() {
+                ErrorCode = "M_UNKNOWN_TOKEN",
+                Error = "No such user"
+            };
+
+        if (!user.AccessTokens.ContainsKey(token))
+            throw new MatrixException() {
+                ErrorCode = MatrixException.ErrorCodes.M_NOT_FOUND,
+                Error = "Token not found"
+            };
+
+        user.AccessTokens.Remove(token);
+        return new { };
+    }
+}
+
+public class LoginFlowsResponse {
+    public required List<LoginFlow> Flows { get; set; }
+
+    public class LoginFlow {
+        public required string Type { get; set; }
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/LegacyController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/LegacyController.cs
index e3f781b..1fb427e 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/LegacyController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/LegacyController.cs
@@ -18,7 +18,7 @@ public class LegacyController(ILogger<LegacyController> logger, TokenService tok
     [SuppressMessage("ReSharper.DPA", "DPA0011: High execution time of MVC action", Justification = "Endpoint is expected to wait until data is available or timeout.")]
     public async Task<object> Sync([FromRoute] string roomId, [FromQuery] int limit = 20) {
         var sw = Stopwatch.StartNew();
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Media/MediaController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Media/MediaController.cs
index dba36d7..4820a65 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Media/MediaController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Media/MediaController.cs
@@ -1,14 +1,26 @@
+using System.Text.Json.Nodes;
+using System.Text.RegularExpressions;
+using ArcaneLibs.Extensions;
 using LibMatrix.HomeserverEmulator.Services;
+using LibMatrix.Services;
+using Microsoft.AspNetCore.Html;
 using Microsoft.AspNetCore.Mvc;
 
 namespace LibMatrix.HomeserverEmulator.Controllers.Media;
 
 [ApiController]
 [Route("/_matrix/media/{version}/")]
-public class MediaController(ILogger<MediaController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+public class MediaController(
+    ILogger<MediaController> logger,
+    TokenService tokenService,
+    UserStore userStore,
+    HSEConfiguration cfg,
+    HomeserverResolverService hsResolver,
+    MediaStore mediaStore)
+    : ControllerBase {
     [HttpPost("upload")]
     public async Task<object> UploadMedia([FromHeader(Name = "Content-Type")] string ContentType, [FromQuery] string filename, [FromBody] Stream file) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -21,14 +33,89 @@ public class MediaController(ILogger<MediaController> logger, TokenService token
                 ErrorCode = "M_UNKNOWN_TOKEN",
                 Error = "No such user"
             };
-        
-        
-        
+
         var mediaId = Guid.NewGuid().ToString();
         var media = new {
             content_uri = $"mxc://{tokenService.GenerateServerName(HttpContext)}/{mediaId}"
         };
         return media;
-        
+    }
+
+    private Dictionary<string, SemaphoreSlim> downloadLocks = new();
+
+    [HttpGet("download/{serverName}/{mediaId}")]
+    public async Task DownloadMedia(string serverName, string mediaId) {
+        while (true)
+            try {
+                if (cfg.StoreData) {
+                    SemaphoreSlim ss;
+                    if (!downloadLocks.ContainsKey(serverName + mediaId))
+                        downloadLocks[serverName + mediaId] = new SemaphoreSlim(1);
+                    ss = downloadLocks[serverName + mediaId];
+                    await ss.WaitAsync();
+                    var serverMediaPath = Path.Combine(cfg.DataStoragePath, "media", serverName);
+                    Directory.CreateDirectory(serverMediaPath);
+                    var mediaPath = Path.Combine(serverMediaPath, mediaId);
+                    if (System.IO.File.Exists(mediaPath)) {
+                        ss.Release();
+                        await using var stream = new FileStream(mediaPath, FileMode.Open);
+                        await stream.CopyToAsync(Response.Body);
+                        return;
+                    }
+                    else {
+                        var mediaUrl = await hsResolver.ResolveMediaUri(serverName, $"mxc://{serverName}/{mediaId}");
+                        if (mediaUrl is null)
+                            throw new MatrixException() {
+                                ErrorCode = "M_NOT_FOUND",
+                                Error = "Media not found"
+                            };
+                        await using var stream = System.IO.File.OpenWrite(mediaPath);
+                        using var response = await new HttpClient().GetAsync(mediaUrl);
+                        await response.Content.CopyToAsync(stream);
+                        await stream.FlushAsync();
+                        ss.Release();
+                        await DownloadMedia(serverName, mediaId);
+                        return;
+                    }
+                }
+                else {
+                    var mediaUrl = await hsResolver.ResolveMediaUri(serverName, $"mxc://{serverName}/{mediaId}");
+                    if (mediaUrl is null)
+                        throw new MatrixException() {
+                            ErrorCode = "M_NOT_FOUND",
+                            Error = "Media not found"
+                        };
+                    using var response = await new HttpClient().GetAsync(mediaUrl);
+                    await response.Content.CopyToAsync(Response.Body);
+                    return;
+                }
+
+                return;
+            }
+            catch (IOException) {
+                //ignored
+            }
+    }
+
+    [HttpGet("thumbnail/{serverName}/{mediaId}")]
+    public async Task DownloadThumbnail(string serverName, string mediaId) {
+        await DownloadMedia(serverName, mediaId);
+    }
+
+    [HttpGet("preview_url")]
+    public async Task<JsonObject> GetPreviewUrl([FromQuery] string url) {
+        JsonObject data = new();
+
+        using var hc = new HttpClient();
+        using var response = await hc.GetAsync(url);
+        var doc = await response.Content.ReadAsStringAsync();
+        var match = Regex.Match(doc, "<meta property=\"(.*?)\" content=\"(.*?)\"");
+
+        while (match.Success) {
+            data[match.Groups[1].Value] = match.Groups[2].Value;
+            match = match.NextMatch();
+        }
+
+        return data;
     }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomAccountDataController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomAccountDataController.cs
new file mode 100644
index 0000000..bac803f
--- /dev/null
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomAccountDataController.cs
@@ -0,0 +1,78 @@
+using System.Text.Json.Serialization;
+using LibMatrix.HomeserverEmulator.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace LibMatrix.HomeserverEmulator.Controllers.Rooms;
+
+[ApiController]
+[Route("/_matrix/client/{version}/rooms/{roomId}")]
+public class RoomAccountDataController(ILogger<RoomAccountDataController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+    [HttpPost("read_markers")]
+    public async Task<object> SetReadMarkers(string roomId, [FromBody] ReadMarkersData data) {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token);
+
+        var room = roomStore.GetRoomById(roomId);
+        if (room == null)
+            throw new MatrixException() {
+                ErrorCode = "M_NOT_FOUND",
+                Error = "Room not found"
+            };
+
+        if (!room.JoinedMembers.Any(x => x.StateKey == user.UserId))
+            throw new MatrixException() {
+                ErrorCode = "M_FORBIDDEN",
+                Error = "User is not in the room"
+            };
+
+        if (!room.ReadMarkers.ContainsKey(user.UserId))
+            room.ReadMarkers[user.UserId] = new();
+
+        if (data.FullyRead != null)
+            room.ReadMarkers[user.UserId].FullyRead = data.FullyRead;
+        if (data.Read != null)
+            room.ReadMarkers[user.UserId].Read = data.Read;
+        if (data.ReadPrivate != null)
+            room.ReadMarkers[user.UserId].ReadPrivate = data.ReadPrivate;
+
+        if (!room.AccountData.ContainsKey(user.UserId))
+            room.AccountData[user.UserId] = new();
+
+        room.AccountData[user.UserId].Add(new StateEventResponse() {
+            Type = "m.fully_read",
+            StateKey = user.UserId,
+            RawContent = new() {
+                ["event_id"] = data.FullyRead
+            }
+        });
+
+        room.AccountData[user.UserId].Add(new StateEventResponse() {
+            Type = "m.read",
+            StateKey = user.UserId,
+            RawContent = new() {
+                ["event_id"] = data.Read
+            }
+        });
+
+        room.AccountData[user.UserId].Add(new StateEventResponse() {
+            Type = "m.read.private",
+            StateKey = user.UserId,
+            RawContent = new() {
+                ["event_id"] = data.ReadPrivate
+            }
+        });
+
+        return data;
+    }
+}
+
+public class ReadMarkersData {
+    [JsonPropertyName("m.fully_read")]
+    public string? FullyRead { get; set; }
+
+    [JsonPropertyName("m.read")]
+    public string? Read { get; set; }
+
+    [JsonPropertyName("m.read.private")]
+    public string? ReadPrivate { get; set; }
+}
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomMembersController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomMembersController.cs
index d5f4217..7d735f7 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomMembersController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomMembersController.cs
@@ -1,19 +1,20 @@
 using LibMatrix.EventTypes.Spec.State;
 using LibMatrix.HomeserverEmulator.Services;
-using LibMatrix.Responses;
-using LibMatrix.RoomTypes;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.OpenApi.Validations.Rules;
 
 namespace LibMatrix.HomeserverEmulator.Controllers.Rooms;
 
 [ApiController]
 [Route("/_matrix/client/{version}/rooms/{roomId}/")]
-public class RoomMembersController(ILogger<RoomMembersController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+public class RoomMembersController(
+    ILogger<RoomMembersController> logger,
+    TokenService tokenService,
+    UserStore userStore,
+    RoomStore roomStore,
+    PaginationTokenResolverService paginationTokenResolver) : ControllerBase {
     [HttpGet("members")]
-    public async Task<List<StateEventResponse>> CreateRoom(string roomId, string? at = null, string? membership = null, string? not_membership = null) {
-        var token = tokenService.GetAccessToken(HttpContext);
+    public async Task<List<StateEventResponse>> GetMembers(string roomId, string? at = null, string? membership = null, string? not_membership = null) {
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -26,30 +27,50 @@ public class RoomMembersController(ILogger<RoomMembersController> logger, TokenS
                 ErrorCode = "M_UNKNOWN_TOKEN",
                 Error = "No such user"
             };
-        
+
         var room = roomStore.GetRoomById(roomId);
         if (room == null)
             throw new MatrixException() {
                 ErrorCode = "M_NOT_FOUND",
                 Error = "Room not found"
             };
-        
-        var members = room.State.Where(x => x.Type == "m.room.member").ToList();
-        
-        if(membership != null)
+
+        var members = room.Timeline.Where(x => x.Type == "m.room.member" && x.StateKey != null).ToList();
+
+        if (membership != null)
             members = members.Where(x => (x.TypedContent as RoomMemberEventContent)?.Membership == membership).ToList();
-        
-        if(not_membership != null)
+
+        if (not_membership != null)
             members = members.Where(x => (x.TypedContent as RoomMemberEventContent)?.Membership != not_membership).ToList();
 
         if (at != null) {
-            var evt = room.Timeline.FirstOrDefault(x => x.EventId == at);
+            StateEventResponse? evt = null;
+            if (at.StartsWith('$'))
+                evt = await paginationTokenResolver.ResolveTokenToEvent(at, room);
+
+            if (evt is null) {
+                var time = await paginationTokenResolver.ResolveTokenToTimestamp(at);
+                evt = room.Timeline.LastOrDefault(x => x.OriginServerTs <= time);
+                if (evt is null) {
+                    logger.LogWarning("Sent empty list of members for room {roomId} at {at}, because there were no events at this time!", roomId, at);
+                    return [];
+                }
+            }
+            else if (!room.Timeline.Contains(evt)) {
+                evt = room.Timeline.LastOrDefault(x => x.OriginServerTs <= evt.OriginServerTs);
+                if (evt is null) {
+                    logger.LogWarning("Sent empty list of members for room {roomId} at {at}, because there were no events at this time!", roomId, at);
+                    return [];
+                }
+            }
+
+            // evt = room.Timeline.FirstOrDefault(x => x.EventId == at);
             if (evt == null)
                 throw new MatrixException() {
                     ErrorCode = "M_NOT_FOUND",
                     Error = "Event not found"
                 };
-            
+
             members = members.Where(x => x.OriginServerTs <= evt.OriginServerTs).ToList();
         }
 
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomStateController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomStateController.cs
index cb5f213..3896ac0 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomStateController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomStateController.cs
@@ -10,7 +10,7 @@ namespace LibMatrix.HomeserverEmulator.Controllers.Rooms;
 public class RoomStateController(ILogger<RoomStateController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
     [HttpGet("")]
     public async Task<FrozenSet<StateEventResponse>> GetState(string roomId) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -23,7 +23,7 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
                 ErrorCode = "M_UNKNOWN_TOKEN",
                 Error = "No such user"
             };
-        
+
         var room = roomStore.GetRoomById(roomId);
         if (room == null)
             throw new MatrixException() {
@@ -33,15 +33,15 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
 
         return room.State;
     }
-    
+
     [HttpGet("{eventType}")]
-    public async Task<StateEventResponse> GetState(string roomId, string eventType) {
-        return await GetState(roomId, eventType, "");
+    public async Task<object?> GetState(string roomId, string eventType, [FromQuery] string format = "client") {
+        return await GetState(roomId, eventType, "", format);
     }
-    
+
     [HttpGet("{eventType}/{stateKey}")]
-    public async Task<StateEventResponse> GetState(string roomId, string eventType, string stateKey) {
-        var token = tokenService.GetAccessToken(HttpContext);
+    public async Task<object?> GetState(string roomId, string eventType, string stateKey, [FromQuery] string format = "client") {
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -54,7 +54,7 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
                 ErrorCode = "M_UNKNOWN_TOKEN",
                 Error = "No such user"
             };
-        
+
         var room = roomStore.GetRoomById(roomId);
         if (room == null)
             throw new MatrixException() {
@@ -68,17 +68,18 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
                 ErrorCode = "M_NOT_FOUND",
                 Error = "Event not found"
             };
-        return stateEvent;
+        // return stateEvent;
+        return format == "event" ? stateEvent : stateEvent.RawContent;
     }
-        
+
     [HttpPut("{eventType}")]
     public async Task<EventIdResponse> SetState(string roomId, string eventType, [FromBody] StateEvent request) {
         return await SetState(roomId, eventType, "", request);
     }
-    
+
     [HttpPut("{eventType}/{stateKey}")]
     public async Task<EventIdResponse> SetState(string roomId, string eventType, string stateKey, [FromBody] StateEvent request) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -91,7 +92,7 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
                 ErrorCode = "M_UNKNOWN_TOKEN",
                 Error = "No such user"
             };
-        
+
         var room = roomStore.GetRoomById(roomId);
         if (room == null)
             throw new MatrixException() {
@@ -101,7 +102,7 @@ public class RoomStateController(ILogger<RoomStateController> logger, TokenServi
         var evt = room.SetStateInternal(request.ToStateEvent(user, room));
         evt.Type = eventType;
         evt.StateKey = stateKey;
-        return new EventIdResponse(){
+        return new EventIdResponse() {
             EventId = evt.EventId ?? throw new InvalidOperationException("EventId is null")
         };
     }
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomTimelineController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomTimelineController.cs
index c9bdb57..3d23660 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomTimelineController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomTimelineController.cs
@@ -1,29 +1,30 @@
-using System.Collections.Frozen;
+using System.Collections.Immutable;
+using System.Diagnostics;
 using System.Text.Json.Nodes;
+using ArcaneLibs;
+using LibMatrix.EventTypes.Spec;
+using LibMatrix.EventTypes.Spec.State;
+using LibMatrix.Helpers;
 using LibMatrix.HomeserverEmulator.Extensions;
 using LibMatrix.HomeserverEmulator.Services;
+using LibMatrix.Responses;
+using LibMatrix.Services;
 using Microsoft.AspNetCore.Mvc;
 
 namespace LibMatrix.HomeserverEmulator.Controllers.Rooms;
 
 [ApiController]
 [Route("/_matrix/client/{version}/rooms/{roomId}")]
-public class RoomTimelineController(ILogger<RoomTimelineController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+public class RoomTimelineController(
+    ILogger<RoomTimelineController> logger,
+    TokenService tokenService,
+    UserStore userStore,
+    RoomStore roomStore,
+    HomeserverProviderService hsProvider) : ControllerBase {
     [HttpPut("send/{eventType}/{txnId}")]
     public async Task<EventIdResponse> SendMessage(string roomId, string eventType, string txnId, [FromBody] JsonObject content) {
         var token = tokenService.GetAccessToken(HttpContext);
-        if (token == null)
-            throw new MatrixException() {
-                ErrorCode = "M_MISSING_TOKEN",
-                Error = "Missing token"
-            };
-
         var user = await userStore.GetUserByToken(token);
-        if (user == null)
-            throw new MatrixException() {
-                ErrorCode = "M_UNKNOWN_TOKEN",
-                Error = "No such user"
-            };
 
         var room = roomStore.GetRoomById(roomId);
         if (room == null)
@@ -32,7 +33,7 @@ public class RoomTimelineController(ILogger<RoomTimelineController> logger, Toke
                 Error = "Room not found"
             };
 
-        if (!room.JoinedMembers.Any(x=>x.StateKey == user.UserId))
+        if (!room.JoinedMembers.Any(x => x.StateKey == user.UserId))
             throw new MatrixException() {
                 ErrorCode = "M_FORBIDDEN",
                 Error = "User is not in the room"
@@ -44,9 +45,272 @@ public class RoomTimelineController(ILogger<RoomTimelineController> logger, Toke
         }.ToStateEvent(user, room);
 
         room.Timeline.Add(evt);
+        if (evt.Type == RoomMessageEventContent.EventId && (evt.TypedContent as RoomMessageEventContent).Body.StartsWith("!hse"))
+            await HandleHseCommand(evt, room, user);
+        // else
 
         return new() {
             EventId = evt.EventId
         };
     }
+
+    [HttpGet("messages")]
+    public async Task<MessagesResponse> GetMessages(string roomId, [FromQuery] string? from = null, [FromQuery] string? to = null, [FromQuery] int limit = 100,
+        [FromQuery] string? dir = "b") {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token);
+
+        var room = roomStore.GetRoomById(roomId);
+        if (room == null)
+            throw new MatrixException() {
+                ErrorCode = "M_NOT_FOUND",
+                Error = "Room not found"
+            };
+
+        if (!room.JoinedMembers.Any(x => x.StateKey == user.UserId))
+            throw new MatrixException() {
+                ErrorCode = "M_FORBIDDEN",
+                Error = "User is not in the room"
+            };
+
+        if (dir == "b") {
+            var timeline = room.Timeline.TakeLast(limit).ToList();
+            return new() {
+                Start = timeline.First().EventId,
+                End = timeline.Last().EventId,
+                Chunk = timeline.AsEnumerable().Reverse().ToList(),
+                State = timeline.GetCalculatedState()
+            };
+        }
+        else if (dir == "f") {
+            var timeline = room.Timeline.Take(limit).ToList();
+            return new() {
+                Start = timeline.First().EventId,
+                End = room.Timeline.Last() == timeline.Last() ? null : timeline.Last().EventId,
+                Chunk = timeline
+            };
+        }
+        else
+            throw new MatrixException() {
+                ErrorCode = "M_BAD_REQUEST",
+                Error = $"Invalid direction '{dir}'"
+            };
+    }
+
+    [HttpGet("event/{eventId}")]
+    public async Task<StateEventResponse> GetEvent(string roomId, string eventId) {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token);
+
+        var room = roomStore.GetRoomById(roomId);
+        if (room == null)
+            throw new MatrixException() {
+                ErrorCode = "M_NOT_FOUND",
+                Error = "Room not found"
+            };
+
+        if (!room.JoinedMembers.Any(x => x.StateKey == user.UserId))
+            throw new MatrixException() {
+                ErrorCode = "M_FORBIDDEN",
+                Error = "User is not in the room"
+            };
+
+        var evt = room.Timeline.SingleOrDefault(x => x.EventId == eventId);
+        if (evt == null)
+            throw new MatrixException() {
+                ErrorCode = "M_NOT_FOUND",
+                Error = "Event not found"
+            };
+
+        return evt;
+    }
+
+#region Commands
+
+    private void InternalSendMessage(RoomStore.Room room, string content) {
+        InternalSendMessage(room, new MessageBuilder().WithBody(content).Build());
+    }
+
+    private void InternalSendMessage(RoomStore.Room room, RoomMessageEventContent content) {
+        logger.LogInformation("Sending internal message: {content}", content.Body);
+        room.Timeline.Add(new StateEventResponse() {
+            Type = RoomMessageEventContent.EventId,
+            TypedContent = content,
+            Sender = $"@hse:{tokenService.GenerateServerName(HttpContext)}",
+            RoomId = room.RoomId,
+            EventId = "$" + string.Join("", Random.Shared.GetItems("abcdefghijklmnopqrstuvwxyzABCDEFGHIJLKMNOPQRSTUVWXYZ0123456789".ToCharArray(), 100)),
+            OriginServerTs = DateTimeOffset.Now.ToUnixTimeMilliseconds()
+        });
+    }
+
+    private async Task HandleHseCommand(StateEventResponse evt, RoomStore.Room room, UserStore.User user) {
+        try {
+            var msgContent = evt.TypedContent as RoomMessageEventContent;
+            var parts = msgContent.Body.Split('\n')[0].Split(" ");
+            if (parts.Length < 2) return;
+
+            var command = parts[1];
+            switch (command) {
+                case "import":
+                    await HandleImportCommand(parts[2..], evt, room, user);
+                    break;
+                case "import-nheko-profiles":
+                    await HandleImportNhekoProfilesCommand(parts[2..], evt, room, user);
+                    break;
+                case "clear-sync-states":
+                    foreach (var (token, session) in user.AccessTokens) {
+                        session.SyncStates.Clear();
+                        InternalSendMessage(room, $"Cleared sync states for {token}.");
+                    }
+
+                    break;
+                case "rsp": {
+                    await Task.Delay(1000);
+                    var chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJLKMNOPQRSTUVWXYZ0123456789";
+                    for (int i = 0; i < 10000; i++) {
+                        // await Task.Delay(100);
+                        // InternalSendMessage(room, $"https://music.youtube.com/watch?v=90oZtyvavSk&i={i}");
+                        var url = $"https://music.youtube.com/watch?v=";
+                        for (int j = 0; j < 11; j++) {
+                            url += chars[Random.Shared.Next(chars.Length)];
+                        }
+
+                        InternalSendMessage(room, url + "&i=" + i);
+                        if (i % 5000 == 0 || i == 9999) {
+                            Thread.Sleep(5000);
+
+                            do {
+                                InternalSendMessage(room,
+                                    $"Current GC memory: {Util.BytesToString(GC.GetTotalMemory(false))}, total process memory: {Util.BytesToString(Process.GetCurrentProcess().WorkingSet64)}");
+                                GC.Collect(GC.MaxGeneration, GCCollectionMode.Aggressive, true, true);
+                                GC.WaitForPendingFinalizers();
+                                InternalSendMessage(room,
+                                    $"GC memory: {Util.BytesToString(GC.GetTotalMemory(false))}, total process memory: {Util.BytesToString(Process.GetCurrentProcess().WorkingSet64)}");
+                                await Task.Delay(5000);
+                            } while (Process.GetCurrentProcess().WorkingSet64 >= 1_024_000_000);
+                        }
+                    }
+                    break;
+                }
+                case "genrooms": {
+                    var sw = Stopwatch.StartNew();
+                    var count = 1000;
+                    for (int i = 0; i < count; i++) {
+                        var crq = new CreateRoomRequest() {
+                            Name = "Test room",
+                            CreationContent = new() {
+                                ["version"] = "11"
+                            },
+                            InitialState = []
+                        };
+
+                        if (Random.Shared.Next(100) > 75) {
+                            crq.CreationContent["type"] = "m.space";
+                            foreach (var item in Random.Shared.GetItems(roomStore._rooms.ToArray(), 50)) {
+                                crq.InitialState!.Add(new StateEvent() {
+                                    Type = "m.space.child",
+                                    StateKey = item.RoomId,
+                                    TypedContent = new SpaceChildEventContent() {
+                                        Suggested = true,
+                                        AutoJoin = true,
+                                        Via = new List<string>()
+                                    }
+                                }.ToStateEvent(user, room));
+                            }
+                        }
+                        var newRoom = roomStore.CreateRoom(crq);
+                        newRoom.AddUser(user.UserId);
+                    }
+                    InternalSendMessage(room, $"Generated {count} new rooms in {sw.Elapsed}!");
+                    break;
+                }
+                case "gc":
+                    InternalSendMessage(room,
+                        $"Current GC memory: {Util.BytesToString(GC.GetTotalMemory(false))}, total process memory: {Util.BytesToString(Process.GetCurrentProcess().WorkingSet64)}");
+                    GC.Collect(GC.MaxGeneration, GCCollectionMode.Aggressive, true, true);
+                    GC.WaitForPendingFinalizers();
+                    InternalSendMessage(room,
+                        $"GC memory: {Util.BytesToString(GC.GetTotalMemory(false))}, total process memory: {Util.BytesToString(Process.GetCurrentProcess().WorkingSet64)}");
+                    break;
+                default:
+                    InternalSendMessage(room, $"Command {command} not found!");
+                    break;
+            }
+        }
+        catch (Exception ex) {
+            InternalSendMessage(room, $"An error occurred: {ex.Message}");
+        }
+    }
+
+    private async Task HandleImportNhekoProfilesCommand(string[] args, StateEventResponse evt, RoomStore.Room room, UserStore.User user) {
+        var msgContent = evt.TypedContent as RoomMessageEventContent;
+        var parts = msgContent.Body.Split('\n');
+
+        var data = parts.Where(x => x.Contains(@"\auth\access_token") || x.Contains(@"\auth\home_server")).ToList();
+        if (data.Count < 2) {
+            InternalSendMessage(room, "Invalid data.");
+            return;
+        }
+
+        foreach (var line in data) {
+            var processedLine = line.Replace("\\\\", "\\").Replace("\\_", "_");
+
+            if (!processedLine.Contains(@"\auth\")) continue;
+            var profile = processedLine.Split(@"\auth\")[0];
+            if (!user.AuthorizedSessions.ContainsKey(profile))
+                user.AuthorizedSessions.Add(profile, new());
+            if (processedLine.Contains(@"home_server")) {
+                var server = processedLine.Split('=')[1];
+                user.AuthorizedSessions[profile].Homeserver = server;
+            }
+            else if (processedLine.Contains(@"access_token")) {
+                var token = processedLine.Split('=')[1];
+                user.AuthorizedSessions[profile].AccessToken = token;
+            }
+        }
+
+        foreach (var (key, session) in user.AuthorizedSessions.ToList()) {
+            if (string.IsNullOrWhiteSpace(session.Homeserver) || string.IsNullOrWhiteSpace(session.AccessToken)) {
+                InternalSendMessage(room, $"Invalid profile {key}");
+                user.AuthorizedSessions.Remove(key);
+                continue;
+            }
+
+            InternalSendMessage(room, $"Got profile {key} with server {session.AccessToken}");
+        }
+    }
+
+    private async Task HandleImportCommand(string[] args, StateEventResponse evt, RoomStore.Room room, UserStore.User user) {
+        var roomId = args[0];
+        var profile = args[1];
+
+        InternalSendMessage(room, $"Importing room {roomId} through profile {profile}...");
+        if (!user.AuthorizedSessions.ContainsKey(profile)) {
+            InternalSendMessage(room, $"Profile {profile} not found.");
+            return;
+        }
+
+        var userProfile = user.AuthorizedSessions[profile];
+
+        InternalSendMessage(room, $"Authenticating with {userProfile.Homeserver}...");
+        var hs = await hsProvider.GetAuthenticatedWithToken(userProfile.Homeserver, userProfile.AccessToken);
+        InternalSendMessage(room, $"Authenticated with {userProfile.Homeserver}.");
+        var hsRoom = hs.GetRoom(roomId);
+
+        InternalSendMessage(room, $"Starting import...");
+        var internalRoom = new RoomStore.Room(roomId);
+
+        var timeline = hsRoom.GetManyMessagesAsync(limit: int.MaxValue, dir: "b", chunkSize: 100000);
+        await foreach (var resp in timeline) {
+            internalRoom.Timeline = new(resp.Chunk.AsEnumerable().Reverse().Concat(internalRoom.Timeline));
+            InternalSendMessage(room, $"Imported {resp.Chunk.Count} events. Now up to a total of {internalRoom.Timeline.Count} events.");
+        }
+
+        InternalSendMessage(room, $"Import complete. Saving and inserting user");
+        roomStore.AddRoom(internalRoom);
+        internalRoom.AddUser(user.UserId);
+        InternalSendMessage(room, $"Import complete. Room is now available.");
+    }
+
+#endregion
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomsController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomsController.cs
index b0f5014..6849ff8 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomsController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Rooms/RoomsController.cs
@@ -14,7 +14,7 @@ public class RoomsController(ILogger<RoomsController> logger, TokenService token
     //createRoom
     [HttpPost("createRoom")]
     public async Task<RoomIdResponse> CreateRoom([FromBody] CreateRoomRequest request) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -71,7 +71,7 @@ public class RoomsController(ILogger<RoomsController> logger, TokenService token
 
     [HttpPost("rooms/{roomId}/upgrade")]
     public async Task<object> UpgradeRoom(string roomId, [FromBody] UpgradeRoomRequest request) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
@@ -125,7 +125,7 @@ public class RoomsController(ILogger<RoomsController> logger, TokenService token
     
     [HttpPost("rooms/{roomId}/leave")] // TODO: implement
     public async Task<object> LeaveRoom(string roomId) {
-        var token = tokenService.GetAccessToken(HttpContext);
+        var token = tokenService.GetAccessTokenOrNull(HttpContext);
         if (token == null)
             throw new MatrixException() {
                 ErrorCode = "M_MISSING_TOKEN",
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/SyncController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/SyncController.cs
index afcf711..024d071 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/SyncController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/SyncController.cs
@@ -1,6 +1,8 @@
 using System.Diagnostics;
 using System.Diagnostics.CodeAnalysis;
 using ArcaneLibs.Extensions;
+using LibMatrix.EventTypes.Spec.State;
+using LibMatrix.HomeserverEmulator.Extensions;
 using LibMatrix.HomeserverEmulator.Services;
 using LibMatrix.Responses;
 using Microsoft.AspNetCore.Mvc;
@@ -15,11 +17,6 @@ public class SyncController(ILogger<SyncController> logger, TokenService tokenSe
     public async Task<SyncResponse> Sync([FromQuery] string? since = null, [FromQuery] int? timeout = 5000) {
         var sw = Stopwatch.StartNew();
         var token = tokenService.GetAccessToken(HttpContext);
-        if (token == null)
-            throw new MatrixException() {
-                ErrorCode = "M_MISSING_TOKEN",
-                Error = "Missing token"
-            };
 
         var user = await userStore.GetUserByToken(token);
         if (user == null)
@@ -28,63 +25,67 @@ public class SyncController(ILogger<SyncController> logger, TokenService tokenSe
                 Error = "No such user"
             };
         var session = user.AccessTokens[token];
+        UserStore.User.SessionInfo.UserSyncState newSyncState = new();
+
+        SyncResponse syncResp;
+        if (string.IsNullOrWhiteSpace(since) || !session.SyncStates.ContainsKey(since))
+            syncResp = InitialSync(user, session);
+        else {
+            var syncState = session.SyncStates[since];
+            newSyncState = syncState.Clone();
 
-        if (string.IsNullOrWhiteSpace(since))
-            return InitialSync(user, session);
+            var newSyncToken = Guid.NewGuid().ToString();
+            do {
+                syncResp = IncrementalSync(user, session, syncState);
+                syncResp.NextBatch = newSyncToken;
+            } while (!await HasDataOrStall(syncResp) && sw.ElapsedMilliseconds < timeout);
 
-        if (!session.SyncStates.TryGetValue(since, out var syncState))
-            if (!cfg.UnknownSyncTokenIsInitialSync)
-                throw new MatrixException() {
-                    ErrorCode = "M_UNKNOWN",
-                    Error = "Unknown sync token."
+            if (sw.ElapsedMilliseconds > timeout) {
+                logger.LogTrace("Sync timed out after {Elapsed}", sw.Elapsed);
+                return new() {
+                    NextBatch = since
                 };
-            else
-                return InitialSync(user, session);
+            }
+        }
 
-        var response = new SyncResponse() {
-            NextBatch = Guid.NewGuid().ToString(),
-            DeviceOneTimeKeysCount = new()
-        };
+        session.SyncStates[syncResp.NextBatch] = RecalculateSyncStates(newSyncState, syncResp);
+        logger.LogTrace("Responding to sync after {totalElapsed}", sw.Elapsed);
+        return syncResp;
+    }
 
-        session.SyncStates.Add(response.NextBatch, new() {
-            RoomPositions = syncState.RoomPositions.ToDictionary(x => x.Key, x => new UserStore.User.SessionInfo.UserSyncState.SyncRoomPosition() {
-                TimelinePosition = roomStore._rooms.First(y => y.RoomId == x.Key).Timeline.Count,
-                AccountDataPosition = roomStore._rooms.First(y => y.RoomId == x.Key).AccountData[user.UserId].Count
-            })
-        });
-
-        if (!string.IsNullOrWhiteSpace(since)) {
-            while (sw.ElapsedMilliseconds < timeout && response.Rooms?.Join is not { Count: > 0 }) {
-                await Task.Delay(100);
-                var rooms = roomStore._rooms.Where(x => x.State.Any(y => y.Type == "m.room.member" && y.StateKey == user.UserId)).ToList();
-                foreach (var room in rooms) {
-                    var roomPositions = syncState.RoomPositions[room.RoomId];
-
-                    response.Rooms ??= new();
-                    response.Rooms.Join ??= new();
-                    response.Rooms.Join[room.RoomId] = new() {
-                        Timeline = new(events: room.Timeline.Skip(roomPositions.TimelinePosition).ToList(), limited: false),
-                        AccountData = new(room.AccountData.GetOrCreate(user.UserId, _ => []).Skip(roomPositions.AccountDataPosition).ToList())
-                    };
-                    if (response.Rooms.Join[room.RoomId].Timeline?.Events?.Count > 0)
-                        response.Rooms.Join[room.RoomId].State = new(response.Rooms.Join[room.RoomId].Timeline!.Events.Where(x => x.StateKey != null).ToList());
-                    session.SyncStates[response.NextBatch].RoomPositions[room.RoomId] = new() {
-                        TimelinePosition = room.Timeline.Count,
-                        AccountDataPosition = room.AccountData[user.UserId].Count
-                    };
+    private UserStore.User.SessionInfo.UserSyncState RecalculateSyncStates(UserStore.User.SessionInfo.UserSyncState newSyncState, SyncResponse sync) {
+        logger.LogTrace("Updating sync state");
+        var syncStateRecalcSw = Stopwatch.StartNew();
+        foreach (var (roomId, roomData) in sync.Rooms?.Join ?? []) {
+            if (!newSyncState.RoomPositions.ContainsKey(roomId))
+                newSyncState.RoomPositions[roomId] = new();
+            var state = newSyncState.RoomPositions[roomId];
 
-                    if (response.Rooms.Join[room.RoomId].State?.Events?.Count == 0 &&
-                        response.Rooms.Join[room.RoomId].Timeline?.Events?.Count == 0 &&
-                        response.Rooms.Join[room.RoomId].AccountData?.Events?.Count == 0
-                       )
-                        response.Rooms.Join.Remove(room.RoomId);
-                }
-            }
+            state.TimelinePosition += roomData.Timeline?.Events?.Count ?? 0;
+            state.LastTimelineEventId = roomData.Timeline?.Events?.LastOrDefault()?.EventId ?? state.LastTimelineEventId;
+            state.AccountDataPosition += roomData.AccountData?.Events?.Count ?? 0;
+            state.Joined = true;
         }
 
-        return response;
+        foreach (var (roomId, _) in sync.Rooms?.Invite ?? []) {
+            if (!newSyncState.RoomPositions.ContainsKey(roomId))
+                newSyncState.RoomPositions[roomId] = new() {
+                    Joined = false
+                };
+        }
+
+        foreach (var (roomId, _) in sync.Rooms?.Leave ?? []) {
+            if (newSyncState.RoomPositions.ContainsKey(roomId))
+                newSyncState.RoomPositions.Remove(roomId);
+        }
+
+        logger.LogTrace("Updated sync state in {Elapsed}", syncStateRecalcSw.Elapsed);
+
+        return newSyncState;
     }
 
+#region Initial Sync parts
+
     private SyncResponse InitialSync(UserStore.User user, UserStore.User.SessionInfo session) {
         var response = new SyncResponse() {
             NextBatch = Guid.NewGuid().ToString(),
@@ -98,17 +99,174 @@ public class SyncController(ILogger<SyncController> logger, TokenService tokenSe
         foreach (var room in rooms) {
             response.Rooms ??= new();
             response.Rooms.Join ??= new();
+
             response.Rooms.Join[room.RoomId] = new() {
                 State = new(room.State.ToList()),
                 Timeline = new(events: room.Timeline.ToList(), limited: false),
                 AccountData = new(room.AccountData.GetOrCreate(user.UserId, _ => []).ToList())
             };
-            session.SyncStates[response.NextBatch].RoomPositions[room.RoomId] = new() {
-                TimelinePosition = room.Timeline.Count,
-                AccountDataPosition = room.AccountData[user.UserId].Count
-            };
         }
 
         return response;
     }
+
+    private SyncResponse.RoomsDataStructure.JoinedRoomDataStructure GetInitialSyncRoomData(RoomStore.Room room, UserStore.User user) {
+        return new() {
+            State = new(room.State.ToList()),
+            Timeline = new(room.Timeline.ToList(), false),
+            AccountData = new(room.AccountData.GetOrCreate(user.UserId, _ => []).ToList())
+        };
+    }
+
+#endregion
+
+    private SyncResponse IncrementalSync(UserStore.User user, UserStore.User.SessionInfo session, UserStore.User.SessionInfo.UserSyncState syncState) {
+        return new SyncResponse {
+            Rooms = GetIncrementalSyncRooms(user, session, syncState)
+        };
+    }
+
+#region Incremental Sync parts
+
+    private SyncResponse.RoomsDataStructure GetIncrementalSyncRooms(UserStore.User user, UserStore.User.SessionInfo session, UserStore.User.SessionInfo.UserSyncState syncState) {
+        SyncResponse.RoomsDataStructure data = new() {
+            Join = [],
+            Invite = [],
+            Leave = []
+        };
+
+        // step 1: check previously synced rooms
+        foreach (var (roomId, roomPosition) in syncState.RoomPositions) {
+            var room = roomStore.GetRoomById(roomId);
+            if (room == null) {
+                // room no longer exists
+                data.Leave[roomId] = new();
+                continue;
+            }
+
+            if (roomPosition.Joined) {
+                var newTimelineEvents = room.Timeline.Skip(roomPosition.TimelinePosition).ToList();
+                var newAccountDataEvents = room.AccountData[user.UserId].Skip(roomPosition.AccountDataPosition).ToList();
+                if (newTimelineEvents.Count == 0 && newAccountDataEvents.Count == 0) continue;
+                data.Join[room.RoomId] = new() {
+                    State = new(newTimelineEvents.GetCalculatedState()),
+                    Timeline = new(newTimelineEvents, false)
+                };
+            }
+        }
+
+        if (data.Join.Count > 0) return data;
+
+        // step 2: check newly joined rooms
+        var untrackedRooms = roomStore._rooms.Where(r => !syncState.RoomPositions.ContainsKey(r.RoomId)).ToList();
+
+        var allJoinedRooms = roomStore.GetRoomsByMember(user.UserId).ToArray();
+        if (allJoinedRooms.Length == 0) return data;
+        var rooms = Random.Shared.GetItems(allJoinedRooms, Math.Min(allJoinedRooms.Length, 50));
+        foreach (var membership in rooms) {
+            var membershipContent = membership.TypedContent as RoomMemberEventContent ??
+                                    throw new InvalidOperationException("Membership event content is not RoomMemberEventContent");
+            var room = roomStore.GetRoomById(membership.RoomId!);
+            //handle leave
+            if (syncState.RoomPositions.TryGetValue(membership.RoomId!, out var syncPosition)) {
+                // logger.LogTrace("Found sync position {roomId} {value}", room.RoomId, syncPosition.ToJson(indent: false, ignoreNull: false));
+
+                if (membershipContent.Membership == "join") {
+                    var newTimelineEvents = room.Timeline.Skip(syncPosition.TimelinePosition).ToList();
+                    var newAccountDataEvents = room.AccountData[user.UserId].Skip(syncPosition.AccountDataPosition).ToList();
+                    if (newTimelineEvents.Count == 0 && newAccountDataEvents.Count == 0) continue;
+                    data.Join[room.RoomId] = new() {
+                        State = new(newTimelineEvents.GetCalculatedState()),
+                        Timeline = new(newTimelineEvents, false)
+                    };
+                }
+            }
+            else {
+                //syncPosisition = null
+                if (membershipContent.Membership == "join") {
+                    var joinData = data.Join[membership.RoomId!] = new() {
+                        State = new(room.State.ToList()),
+                        Timeline = new(events: room.Timeline.ToList(), limited: false),
+                        AccountData = new(room.AccountData.GetOrCreate(user.UserId, _ => []).ToList())
+                    };
+                }
+            }
+        }
+
+        //handle nonexistant rooms
+        foreach (var roomId in syncState.RoomPositions.Keys) {
+            if (!roomStore._rooms.Any(x => x.RoomId == roomId)) {
+                data.Leave[roomId] = new();
+                session.SyncStates[session.SyncStates.Last().Key].RoomPositions.Remove(roomId);
+            }
+        }
+
+        return data;
+    }
+
+#endregion
+
+    private async Task<bool> HasDataOrStall(SyncResponse resp) {
+        // logger.LogTrace("Checking if sync response has data: {resp}", resp.ToJson(indent: false, ignoreNull: true));
+        // if (resp.AccountData?.Events?.Count > 0) return true;
+        // if (resp.Rooms?.Invite?.Count > 0) return true;
+        // if (resp.Rooms?.Join?.Count > 0) return true;
+        // if (resp.Rooms?.Leave?.Count > 0) return true;
+        // if (resp.Presence?.Events?.Count > 0) return true;
+        // if (resp.DeviceLists?.Changed?.Count > 0) return true;
+        // if (resp.DeviceLists?.Left?.Count > 0) return true;
+        // if (resp.ToDevice?.Events?.Count > 0) return true;
+        //
+        // var hasData =
+        //     resp is not {
+        //         AccountData: null or {
+        //             Events: null or { Count: 0 }
+        //         },
+        //         Rooms: null or {
+        //             Invite: null or { Count: 0 },
+        //             Join: null or { Count: 0 },
+        //             Leave: null or { Count: 0 }
+        //         },
+        //         Presence: null or {
+        //             Events: null or { Count: 0 }
+        //         },
+        //         DeviceLists: null or {
+        //             Changed: null or { Count: 0 },
+        //             Left: null or { Count: 0 }
+        //         },
+        //         ToDevice: null or {
+        //             Events: null or { Count: 0 }
+        //         }
+        //     };
+
+        var hasData = resp is {
+            AccountData: {
+                Events: { Count: > 0 }
+            }
+        } or {
+            Presence: {
+                Events: { Count: > 0 }
+            }
+        } or {
+            DeviceLists: {
+                Changed: { Count: > 0 },
+                Left: { Count: > 0 }
+            }
+        } or {
+            ToDevice: {
+                Events: { Count: > 0 }
+            }
+        };
+
+        if (!hasData) {
+            // hasData = 
+        }
+
+        if (!hasData) {
+            // logger.LogDebug($"Sync response has no data, stalling for 1000ms: {resp.ToJson(indent: false, ignoreNull: true)}");
+            await Task.Delay(10);
+        }
+
+        return hasData;
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/ThirdParty/ThirdPartyController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/ThirdParty/ThirdPartyController.cs
new file mode 100644
index 0000000..ff006df
--- /dev/null
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/ThirdParty/ThirdPartyController.cs
@@ -0,0 +1,25 @@
+using LibMatrix.HomeserverEmulator.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace LibMatrix.HomeserverEmulator.Controllers.ThirdParty;
+
+[ApiController]
+[Route("/_matrix/client/{version}/thirdparty/")]
+public class ThirdPartyController(ILogger<ThirdPartyController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+    [HttpGet("protocols")]
+    public async Task<object> GetProtocols() {
+        return new { };
+    }
+
+    [HttpGet("location")]
+    public async Task<List<object>> GetLocations([FromQuery] string alias) {
+        // TODO: implement
+        return [];
+    }
+
+    [HttpGet("location/{protocol}")]
+    public async Task<List<object>> GetLocation([FromRoute] string protocol) {
+        // TODO: implement
+        return [];
+    }
+}
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/AccountDataController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/AccountDataController.cs
index 8cd5c75..a32d283 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/AccountDataController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/AccountDataController.cs
@@ -1,81 +1,68 @@
-using System.Text.Json.Nodes;

-using ArcaneLibs.Extensions;

-using LibMatrix.EventTypes.Spec.State;

-using LibMatrix.Filters;

-using LibMatrix.HomeserverEmulator.Services;

-using LibMatrix.Responses;

-using Microsoft.AspNetCore.Mvc;

-

-namespace LibMatrix.HomeserverEmulator.Controllers;

-

-[ApiController]

-[Route("/_matrix/client/{version}/")]

-public class AccountDataController(ILogger<AccountDataController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {

-    [HttpGet("user/{mxid}/account_data/{type}")]

-    public async Task<object> GetAccountData(string type) {

-        var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

-        var user = await userStore.GetUserByToken(token, false);

-        if (user is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "Invalid token."

-            };

-        var value = user.AccountData.FirstOrDefault(x=>x.Type == type);

-        if (value is null)

-            throw new MatrixException() {

-                ErrorCode = "M_NOT_FOUND",

-                Error = "Key not found."

-            };

-        return value;

-    }

-    

-    [HttpPut("user/{mxid}/account_data/{type}")]

-    public async Task<object> SetAccountData(string type, [FromBody] JsonObject data) {

-        var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

-        var user = await userStore.GetUserByToken(token, false);

-        if (user is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "Invalid token."

-            };

-        

-        user.AccountData.Where(x=>x.Type == type).ToList().ForEach(response => user.AccountData.Remove(response));

-        

-        user.AccountData.Add(new() {

-            Type = type,

-            RawContent = data

-        });

-        return data;

-    }

-    

-    // specialised account data...

-    [HttpGet("pushrules")]

-    public async Task<object> GetPushRules() {

-        var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

-        var user = await userStore.GetUserByToken(token, false);

-        if (user is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "Invalid token."

-            };

-        return new { };

-    }

+using System.Text.Json.Nodes;
+using ArcaneLibs.Extensions;
+using LibMatrix.EventTypes.Spec.State;
+using LibMatrix.Filters;
+using LibMatrix.HomeserverEmulator.Services;
+using LibMatrix.Responses;
+using Microsoft.AspNetCore.Mvc;
+
+namespace LibMatrix.HomeserverEmulator.Controllers;
+
+[ApiController]
+[Route("/_matrix/client/{version}/")]
+public class AccountDataController(ILogger<AccountDataController> logger, TokenService tokenService, UserStore userStore, RoomStore roomStore) : ControllerBase {
+    [HttpGet("user/{mxid}/account_data/{type}")]
+    public async Task<object> GetAccountData(string type) {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token, false);
+        if (user is null)
+            throw new MatrixException() {
+                ErrorCode = "M_UNAUTHORIZED",
+                Error = "Invalid token."
+            };
+
+        var value = user.AccountData.FirstOrDefault(x => x.Type == type);
+        if (value is null)
+            throw new MatrixException() {
+                ErrorCode = "M_NOT_FOUND",
+                Error = "Key not found."
+            };
+        return value;
+    }
+
+    [HttpPut("user/{mxid}/account_data/{type}")]
+    public async Task<object> SetAccountData(string type, [FromBody] JsonObject data) {
+        var token = tokenService.GetAccessToken(HttpContext);
+        var user = await userStore.GetUserByToken(token, false);
+        if (user is null)
+            throw new MatrixException() {
+                ErrorCode = "M_UNAUTHORIZED",
+                Error = "Invalid token."
+            };
+
+        user.AccountData.Add(new() {
+            Type = type,
+            RawContent = data
+        });
+        return data;
+    }
+
+    // specialised account data...
+    [HttpGet("pushrules")]
+    public async Task<object> GetPushRules() {
+        var token = tokenService.GetAccessToken(HttpContext);
+        if (token is null)
+            throw new MatrixException() {
+                ErrorCode = "M_UNAUTHORIZED",
+                Error = "No token passed."
+            };
+
+        var user = await userStore.GetUserByToken(token, false);
+        if (user is null)
+            throw new MatrixException() {
+                ErrorCode = "M_UNAUTHORIZED",
+                Error = "Invalid token."
+            };
+        return new { };
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/FilterController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/FilterController.cs
index ecbccd4..bdee7bc 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/FilterController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/FilterController.cs
@@ -14,12 +14,6 @@ public class FilterController(ILogger<FilterController> logger, TokenService tok
     [HttpPost("user/{mxid}/filter")]

     public async Task<object> CreateFilter(string mxid, [FromBody] SyncFilter filter) {

         var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

         var user = await userStore.GetUserByToken(token, false);

         if (user is null)

             throw new MatrixException() {

@@ -36,12 +30,6 @@ public class FilterController(ILogger<FilterController> logger, TokenService tok
     [HttpGet("user/{mxid}/filter/{filterId}")]

     public async Task<SyncFilter> GetFilter(string mxid, string filterId) {

         var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

         var user = await userStore.GetUserByToken(token, false);

         if (user is null)

             throw new MatrixException() {

diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/UserController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/UserController.cs
index e886d46..2be3896 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/UserController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/Users/UserController.cs
@@ -15,12 +15,6 @@ public class UserController(ILogger<UserController> logger, TokenService tokenSe
     [HttpGet("account/whoami")]

     public async Task<WhoAmIResponse> Login() {

         var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

         var user = await userStore.GetUserByToken(token, Random.Shared.Next(101) <= 10, tokenService.GenerateServerName(HttpContext));

         if (user is null)

             throw new MatrixException() {

@@ -36,12 +30,6 @@ public class UserController(ILogger<UserController> logger, TokenService tokenSe
     [HttpGet("joined_rooms")]

     public async Task<object> GetJoinedRooms() {

         var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

         var user = await userStore.GetUserByToken(token, false);

         if (user is null)

             throw new MatrixException() {

@@ -60,12 +48,6 @@ public class UserController(ILogger<UserController> logger, TokenService tokenSe
     [HttpGet("devices")]

     public async Task<DevicesResponse> GetDevices() {

         var token = tokenService.GetAccessToken(HttpContext);

-        if (token is null)

-            throw new MatrixException() {

-                ErrorCode = "M_UNAUTHORIZED",

-                Error = "No token passed."

-            };

-

         var user = await userStore.GetUserByToken(token, false);

         if (user is null)

             throw new MatrixException() {

diff --git a/Tests/LibMatrix.HomeserverEmulator/Controllers/VersionsController.cs b/Tests/LibMatrix.HomeserverEmulator/Controllers/VersionsController.cs
index 704e26b..0c3bde6 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Controllers/VersionsController.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Controllers/VersionsController.cs
@@ -1,92 +1,96 @@
-using System.Text.Json.Nodes;

-using System.Text.Json.Serialization;

-using LibMatrix.Homeservers;

-using LibMatrix.Responses;

-using LibMatrix.Services;

-using Microsoft.AspNetCore.Mvc;

-

-namespace LibMatrix.HomeserverEmulator.Controllers;

-

-[ApiController]

-[Route("/_matrix/")]

-public class VersionsController(ILogger<WellKnownController> logger) : ControllerBase {

-    [HttpGet("client/versions")]

-    public async Task<ClientVersionsResponse> GetClientVersions() {

-        var clientVersions = new ClientVersionsResponse {

-            Versions = new() {

-                "r0.0.1",

-                "r0.1.0",

-                "r0.2.0",

-                "r0.3.0",

-                "r0.4.0",

-                "r0.5.0",

-                "r0.6.0",

-                "r0.6.1",

-                "v1.1",

-                "v1.2",

-                "v1.3",

-                "v1.4",

-                "v1.5",

-                "v1.6",

-                "v1.7",

-                "v1.8",

-            },

-            UnstableFeatures = new()

-        };

-        return clientVersions;

-    }

-

-    [HttpGet("federation/v1/version")]

-    public async Task<ServerVersionResponse> GetServerVersions() {

-        var clientVersions = new ServerVersionResponse() {

-            Server = new() {

-                Name = "LibMatrix.HomeserverEmulator",

-                Version = "0.0.0"

-            }

-        };

-        return clientVersions;

-    }

-

-    [HttpGet("client/{version}/capabilities")]

-    public async Task<CapabilitiesResponse> GetCapabilities() {

-        return new() {

-            Capabilities = new() {

-                ChangePassword = new() {

-                    Enabled = false

-                },

-                RoomVersions = new() {

-                    Default = "11",

-                    Available = new() {

-                        ["11"] = "unstable"

-                    }

-                }

-            }

-        };

-    }

-}

-

-public class CapabilitiesResponse {

-    [JsonPropertyName("capabilities")]

-    public CapabilitiesContent Capabilities { get; set; }

-

-    public class CapabilitiesContent {

-        [JsonPropertyName("m.room_versions")]

-        public RoomVersionsContent RoomVersions { get; set; }

-        

-        [JsonPropertyName("m.change_password")]

-        public ChangePasswordContent ChangePassword { get; set; }

-

-        public class ChangePasswordContent {

-            [JsonPropertyName("enabled")]

-            public bool Enabled { get; set; }

-        }

-

-        public class RoomVersionsContent {

-            [JsonPropertyName("default")]

-            public string Default { get; set; }

-

-            [JsonPropertyName("available")]

-            public Dictionary<string, string> Available { get; set; }

-        }

-    }

+using System.Text.Json.Nodes;
+using System.Text.Json.Serialization;
+using LibMatrix.Homeservers;
+using LibMatrix.Responses;
+using LibMatrix.Services;
+using Microsoft.AspNetCore.Mvc;
+
+namespace LibMatrix.HomeserverEmulator.Controllers;
+
+[ApiController]
+[Route("/_matrix/")]
+public class VersionsController(ILogger<WellKnownController> logger) : ControllerBase {
+    [HttpGet("client/versions")]
+    public async Task<ClientVersionsResponse> GetClientVersions() {
+        var clientVersions = new ClientVersionsResponse {
+            Versions = new() {
+                "r0.0.1",
+                "r0.1.0",
+                "r0.2.0",
+                "r0.3.0",
+                "r0.4.0",
+                "r0.5.0",
+                "r0.6.0",
+                "r0.6.1",
+                "v1.1",
+                "v1.2",
+                "v1.3",
+                "v1.4",
+                "v1.5",
+                "v1.6",
+                "v1.7",
+                "v1.8",
+            },
+            UnstableFeatures = new()
+        };
+        return clientVersions;
+    }
+
+    [HttpGet("federation/v1/version")]
+    public async Task<ServerVersionResponse> GetServerVersions() {
+        var clientVersions = new ServerVersionResponse() {
+            Server = new() {
+                Name = "LibMatrix.HomeserverEmulator",
+                Version = "0.0.0"
+            }
+        };
+        return clientVersions;
+    }
+
+    [HttpGet("client/{version}/capabilities")]
+    public async Task<CapabilitiesResponse> GetCapabilities() {
+        var caps = new CapabilitiesResponse() {
+            Capabilities = new() {
+                ChangePassword = new() {
+                    Enabled = false
+                },
+                RoomVersions = new() {
+                    Default = "11",
+                    Available = []
+                }
+            }
+        };
+
+        for (int i = 0; i < 15; i++) {
+            caps.Capabilities.RoomVersions.Available.Add(i.ToString(), "stable");
+        }
+
+        return caps;
+    }
+}
+
+public class CapabilitiesResponse {
+    [JsonPropertyName("capabilities")]
+    public CapabilitiesContent Capabilities { get; set; }
+
+    public class CapabilitiesContent {
+        [JsonPropertyName("m.room_versions")]
+        public RoomVersionsContent RoomVersions { get; set; }
+
+        [JsonPropertyName("m.change_password")]
+        public ChangePasswordContent ChangePassword { get; set; }
+
+        public class ChangePasswordContent {
+            [JsonPropertyName("enabled")]
+            public bool Enabled { get; set; }
+        }
+
+        public class RoomVersionsContent {
+            [JsonPropertyName("default")]
+            public string Default { get; set; }
+
+            [JsonPropertyName("available")]
+            public Dictionary<string, string> Available { get; set; }
+        }
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Extensions/EventExtensions.cs b/Tests/LibMatrix.HomeserverEmulator/Extensions/EventExtensions.cs
index 1d03d7a..d938b1b 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Extensions/EventExtensions.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Extensions/EventExtensions.cs
@@ -14,5 +14,11 @@ public static class EventExtensions {
             OriginServerTs = DateTimeOffset.Now.ToUnixTimeMilliseconds()
         };
     }
-    
+
+    public static List<StateEventResponse> GetCalculatedState(this IEnumerable<StateEventResponse> events) {
+        return events.Where(s => s.StateKey != null)
+            .OrderByDescending(s => s.OriginServerTs)
+            .DistinctBy(x => (x.Type, x.StateKey))
+            .ToList();
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/LibMatrix.HomeserverEmulator.csproj b/Tests/LibMatrix.HomeserverEmulator/LibMatrix.HomeserverEmulator.csproj
index 6588675..8fd5503 100644
--- a/Tests/LibMatrix.HomeserverEmulator/LibMatrix.HomeserverEmulator.csproj
+++ b/Tests/LibMatrix.HomeserverEmulator/LibMatrix.HomeserverEmulator.csproj
@@ -1,25 +1,27 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">

-

-  <PropertyGroup>

-    <TargetFramework>net8.0</TargetFramework>

-    <Nullable>enable</Nullable>

-    <ImplicitUsings>enable</ImplicitUsings>

-    <InvariantGlobalization>true</InvariantGlobalization>

-    <LangVersion>preview</LangVersion>

-    <GenerateDocumentationFile>true</GenerateDocumentationFile>

-  </PropertyGroup>

-

-  <ItemGroup>

-    <PackageReference Include="EasyCompressor.LZMA" Version="1.4.0" />

-    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.0" />

-    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />

-  </ItemGroup>

-

-  <ItemGroup>

-    <ProjectReference Include="..\..\LibMatrix\LibMatrix.csproj" />

-  </ItemGroup>

-

-  <ItemGroup>

-    <Folder Include="data\rooms\" />

-  </ItemGroup>

-</Project>

+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <Nullable>enable</Nullable>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <InvariantGlobalization>true</InvariantGlobalization>
+        <LangVersion>preview</LangVersion>
+        <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="EasyCompressor.LZMA" Version="1.4.0"/>
+        <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.0"/>
+        <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <ProjectReference Include="..\..\LibMatrix\LibMatrix.csproj"/>
+        <ProjectReference Include="..\..\Utilities\LibMatrix.Utilities.Bot\LibMatrix.Utilities.Bot.csproj"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <Folder Include="data\rooms\"/>
+    </ItemGroup>
+
+</Project>
diff --git a/Tests/LibMatrix.HomeserverEmulator/Program.cs b/Tests/LibMatrix.HomeserverEmulator/Program.cs
index ddf39c7..91e0f88 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Program.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Program.cs
@@ -1,107 +1,109 @@
-using System.Net.Mime;

-using System.Text.Json.Serialization;

-using LibMatrix;

-using LibMatrix.HomeserverEmulator.Services;

-using Microsoft.AspNetCore.Diagnostics;

-using Microsoft.AspNetCore.Http.Timeouts;

-using Microsoft.AspNetCore.Mvc;

-using Microsoft.OpenApi.Models;

-

-var builder = WebApplication.CreateBuilder(args);

-

-// Add services to the container.

-

-builder.Services.AddControllers().AddJsonOptions(options => {

-    options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull;

-});

-

-builder.Services.AddEndpointsApiExplorer();

-builder.Services.AddSwaggerGen(c => {

-    c.SwaggerDoc("v1", new OpenApiInfo() {

-        Version = "v1",

-        Title = "Rory&::LibMatrix.HomeserverEmulator",

-        Description = "Partial Matrix implementation"

-    });

-    c.IncludeXmlComments(Path.Combine(AppContext.BaseDirectory, "LibMatrix.HomeserverEmulator.xml"));

-});

-

-builder.Services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

-builder.Services.AddSingleton<HSEConfiguration>();

-builder.Services.AddSingleton<UserStore>();

-builder.Services.AddSingleton<RoomStore>();

-

-builder.Services.AddScoped<TokenService>();

-

-builder.Services.AddRequestTimeouts(x => {

-    x.DefaultPolicy = new RequestTimeoutPolicy {

-        Timeout = TimeSpan.FromMinutes(10),

-        WriteTimeoutResponse = async context => {

-            context.Response.StatusCode = 504;

-            context.Response.ContentType = "application/json";

-            await context.Response.StartAsync();

-            await context.Response.WriteAsJsonAsync(new MatrixException() {

-                ErrorCode = "M_TIMEOUT",

-                Error = "Request timed out"

-            }.GetAsJson());

-            await context.Response.CompleteAsync();

-        }

-    };

-});

-builder.Services.AddCors(options => {

-    options.AddPolicy(

-        "Open",

-        policy => policy.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());

-});

-var app = builder.Build();

-

-// Configure the HTTP request pipeline.

-if (app.Environment.IsDevelopment() || true)

-{

-    app.UseSwagger();

-    app.UseSwaggerUI();

-}

-

-app.UseCors("Open");

-app.UseExceptionHandler(exceptionHandlerApp => {

-    exceptionHandlerApp.Run(async context => {

-

-        var exceptionHandlerPathFeature =

-            context.Features.Get<IExceptionHandlerPathFeature>();

-        if(exceptionHandlerPathFeature?.Error is not null)

-            Console.WriteLine(exceptionHandlerPathFeature.Error.ToString()!);

-

-        if (exceptionHandlerPathFeature?.Error is MatrixException mxe) {

-            context.Response.StatusCode = mxe.ErrorCode switch {

-                "M_NOT_FOUND" => StatusCodes.Status404NotFound,

-                "M_UNAUTHORIZED" => StatusCodes.Status401Unauthorized,

-                _ => StatusCodes.Status500InternalServerError

-            };

-            context.Response.ContentType = MediaTypeNames.Application.Json;

-            await context.Response.WriteAsync(mxe.GetAsJson()!);

-        }

-        else {

-            context.Response.StatusCode = StatusCodes.Status500InternalServerError;

-            context.Response.ContentType = MediaTypeNames.Application.Json;

-            await context.Response.WriteAsync(new MatrixException() {

-                ErrorCode = "M_UNKNOWN",

-                Error = exceptionHandlerPathFeature?.Error.ToString()

-            }.GetAsJson());

-        }

-    });

-});

-

-app.UseAuthorization();

-

-app.MapControllers();

-

-app.Map("/_matrix/{*_}", (HttpContext ctx) => {

-    Console.WriteLine($"Client hit non-existing route: {ctx.Request.Method} {ctx.Request.Path}");

-    ctx.Response.StatusCode = StatusCodes.Status404NotFound;

-    ctx.Response.ContentType = MediaTypeNames.Application.Json;

-    return ctx.Response.WriteAsJsonAsync(new MatrixException() {

-        ErrorCode = MatrixException.ErrorCodes.M_UNRECOGNISED,

-        Error = "Endpoint not implemented"

-    });

-});

-

-app.Run();

+using System.Net.Mime;
+using System.Text.Json.Serialization;
+using LibMatrix;
+using LibMatrix.HomeserverEmulator.Services;
+using LibMatrix.Services;
+using Microsoft.AspNetCore.Diagnostics;
+using Microsoft.AspNetCore.Http.Timeouts;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.OpenApi.Models;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Add services to the container.
+builder.Services.AddControllers().AddJsonOptions(options => { options.JsonSerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull; });
+
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen(c => {
+    c.SwaggerDoc("v1", new OpenApiInfo() {
+        Version = "v1",
+        Title = "Rory&::LibMatrix.HomeserverEmulator",
+        Description = "Partial Matrix homeserver implementation"
+    });
+    c.IncludeXmlComments(Path.Combine(AppContext.BaseDirectory, "LibMatrix.HomeserverEmulator.xml"));
+});
+
+builder.Services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
+builder.Services.AddSingleton<HSEConfiguration>();
+builder.Services.AddSingleton<UserStore>();
+builder.Services.AddSingleton<RoomStore>();
+builder.Services.AddSingleton<MediaStore>();
+
+builder.Services.AddScoped<TokenService>();
+
+builder.Services.AddSingleton<HomeserverProviderService>();
+builder.Services.AddSingleton<HomeserverResolverService>();
+builder.Services.AddSingleton<PaginationTokenResolverService>();
+
+builder.Services.AddRequestTimeouts(x => {
+    x.DefaultPolicy = new RequestTimeoutPolicy {
+        Timeout = TimeSpan.FromMinutes(10),
+        WriteTimeoutResponse = async context => {
+            context.Response.StatusCode = 504;
+            context.Response.ContentType = "application/json";
+            await context.Response.StartAsync();
+            await context.Response.WriteAsJsonAsync(new MatrixException() {
+                ErrorCode = "M_TIMEOUT",
+                Error = "Request timed out"
+            }.GetAsJson());
+            await context.Response.CompleteAsync();
+        }
+    };
+});
+builder.Services.AddCors(options => {
+    options.AddPolicy(
+        "Open",
+        policy => policy.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
+});
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (app.Environment.IsDevelopment() || true) {
+    app.UseSwagger();
+    app.UseSwaggerUI();
+}
+
+app.UseCors("Open");
+app.UseExceptionHandler(exceptionHandlerApp => {
+    exceptionHandlerApp.Run(async context => {
+        var exceptionHandlerPathFeature =
+            context.Features.Get<IExceptionHandlerPathFeature>();
+        if (exceptionHandlerPathFeature?.Error is not null)
+            Console.WriteLine(exceptionHandlerPathFeature.Error.ToString()!);
+
+        if (exceptionHandlerPathFeature?.Error is MatrixException mxe) {
+            context.Response.StatusCode = mxe.ErrorCode switch {
+                "M_NOT_FOUND" => StatusCodes.Status404NotFound,
+                "M_UNAUTHORIZED" => StatusCodes.Status401Unauthorized,
+                _ => StatusCodes.Status500InternalServerError
+            };
+            context.Response.ContentType = MediaTypeNames.Application.Json;
+            await context.Response.WriteAsync(mxe.GetAsJson()!);
+        }
+        else {
+            context.Response.StatusCode = StatusCodes.Status500InternalServerError;
+            context.Response.ContentType = MediaTypeNames.Application.Json;
+            await context.Response.WriteAsync(new MatrixException() {
+                ErrorCode = "M_UNKNOWN",
+                Error = exceptionHandlerPathFeature?.Error.ToString()
+            }.GetAsJson());
+        }
+    });
+});
+
+app.UseAuthorization();
+
+app.MapControllers();
+
+app.Map("/_matrix/{*_}", (HttpContext ctx, ILogger<Program> logger) => {
+    logger.LogWarning("Client hit non-existing route: {Method} {Path}{Query}", ctx.Request.Method, ctx.Request.Path, ctx.Request.Query);
+    // Console.WriteLine($"Client hit non-existing route: {ctx.Request.Method} {ctx.Request.Path}");
+    ctx.Response.StatusCode = StatusCodes.Status404NotFound;
+    ctx.Response.ContentType = MediaTypeNames.Application.Json;
+    return ctx.Response.WriteAsJsonAsync(new MatrixException() {
+        ErrorCode = MatrixException.ErrorCodes.M_UNRECOGNISED,
+        Error = "Endpoint not implemented"
+    });
+});
+
+app.Run();
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Services/MediaStore.cs b/Tests/LibMatrix.HomeserverEmulator/Services/MediaStore.cs
index e40af89..00f2a42 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Services/MediaStore.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Services/MediaStore.cs
@@ -1,29 +1,20 @@
-using System.Collections.Concurrent;
-using System.Collections.Frozen;
-using System.Collections.ObjectModel;
-using System.Security.Cryptography;
 using System.Text.Json;
-using System.Text.Json.Nodes;
-using System.Text.Json.Serialization;
-using ArcaneLibs;
-using ArcaneLibs.Collections;
-using ArcaneLibs.Extensions;
-using LibMatrix.EventTypes;
-using LibMatrix.EventTypes.Spec.State;
-using LibMatrix.Responses;
+using LibMatrix.Services;
 
 namespace LibMatrix.HomeserverEmulator.Services;
 
 public class MediaStore {
     private readonly HSEConfiguration _config;
+    private readonly HomeserverResolverService _hsResolver;
     private List<MediaInfo> index = new();
 
-    public MediaStore(HSEConfiguration config) {
+    public MediaStore(HSEConfiguration config, HomeserverResolverService hsResolver) {
         _config = config;
+        _hsResolver = hsResolver;
         if (config.StoreData) {
             var path = Path.Combine(config.DataStoragePath, "media");
             if (!Directory.Exists(path)) Directory.CreateDirectory(path);
-            if(File.Exists(Path.Combine(path, "index.json")))
+            if (File.Exists(Path.Combine(path, "index.json")))
                 index = JsonSerializer.Deserialize<List<MediaInfo>>(File.ReadAllText(Path.Combine(path, "index.json")));
         }
         else
@@ -31,17 +22,43 @@ public class MediaStore {
     }
 
     // public async Task<object> UploadMedia(string userId, string mimeType, Stream stream, string? filename = null) {
-    //     var mediaId = $"mxc://{Guid.NewGuid().ToString()}";
-    //     var path = Path.Combine(_config.DataStoragePath, "media", mediaId);
-    //     if (!Directory.Exists(path)) Directory.CreateDirectory(path);
-    //     var file = Path.Combine(path, filename ?? "file");
-    //     await using var fs = File.Create(file);
-    //     await stream.CopyToAsync(fs);
-    //     index.Add(new() {
-    //         
-    //     });
-    //     return media;
+        // var mediaId = $"mxc://{Guid.NewGuid().ToString()}";
+        // var path = Path.Combine(_config.DataStoragePath, "media", mediaId);
+        // if (!Directory.Exists(path)) Directory.CreateDirectory(path);
+        // var file = Path.Combine(path, filename ?? "file");
+        // await using var fs = File.Create(file);
+        // await stream.CopyToAsync(fs);
+        // index.Add(new() { });
+        // return media;
     // }
 
+    public async Task<Stream> GetRemoteMedia(string serverName, string mediaId) {
+        if (_config.StoreData) {
+            var path = Path.Combine(_config.DataStoragePath, "media", serverName, mediaId);
+            if (!File.Exists(path)) {
+                var mediaUrl = await _hsResolver.ResolveMediaUri(serverName, $"mxc://{serverName}/{mediaId}");
+                if (mediaUrl is null)
+                    throw new MatrixException() {
+                        ErrorCode = "M_NOT_FOUND",
+                        Error = "Media not found"
+                    };
+                using var client = new HttpClient();
+                var stream = await client.GetStreamAsync(mediaUrl);
+                await using var fs = File.Create(path);
+                await stream.CopyToAsync(fs);
+            }
+            return new FileStream(path, FileMode.Open);
+        }
+        else {
+            var mediaUrl = await _hsResolver.ResolveMediaUri(serverName, $"mxc://{serverName}/{mediaId}");
+            if (mediaUrl is null)
+                throw new MatrixException() {
+                    ErrorCode = "M_NOT_FOUND",
+                    Error = "Media not found"
+                };
+            using var client = new HttpClient();
+            return await client.GetStreamAsync(mediaUrl);
+        }
+    }
     public class MediaInfo { }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Services/PaginationTokenResolverService.cs b/Tests/LibMatrix.HomeserverEmulator/Services/PaginationTokenResolverService.cs
new file mode 100644
index 0000000..0128ba6
--- /dev/null
+++ b/Tests/LibMatrix.HomeserverEmulator/Services/PaginationTokenResolverService.cs
@@ -0,0 +1,54 @@
+namespace LibMatrix.HomeserverEmulator.Services;
+
+public class PaginationTokenResolverService(ILogger<PaginationTokenResolverService> logger, RoomStore roomStore, UserStore userStore) {
+    public async Task<long?> ResolveTokenToTimestamp(string token) {
+        logger.LogTrace("ResolveTokenToTimestamp({token})", token);
+        if (token.StartsWith('$')) {
+            //we have an event ID
+            foreach (var room in roomStore._rooms) {
+                var evt = await ResolveTokenToEvent(token, room);
+                if (evt is not null) return evt.OriginServerTs;
+            }
+
+            // event not found
+            throw new NotImplementedException();
+        }
+        else {
+            // we have a sync token 
+            foreach (var user in userStore._users) {
+                foreach (var (_, session) in user.AccessTokens) {
+                    if (!session.SyncStates.TryGetValue(token, out var syncState)) continue;
+                    long? maxTs = 0;
+                    foreach (var room in syncState.RoomPositions) {
+                        var roomObj = roomStore.GetRoomById(room.Key);
+                        if (roomObj is null)
+                            continue;
+                        var ts = roomObj.Timeline.Last().OriginServerTs;
+                        if (ts > maxTs) maxTs = ts;
+                    }
+
+                    return maxTs;
+                }
+            }
+
+            throw new NotImplementedException();
+        }
+    }
+
+    public async Task<StateEventResponse?> ResolveTokenToEvent(string token, RoomStore.Room room) {
+        if (token.StartsWith('$')) {
+            //we have an event ID
+            logger.LogTrace("ResolveTokenToEvent(EventId({token}), Room({room})): searching for event...", token, room.RoomId);
+
+            var evt = room.Timeline.SingleOrDefault(x => x.EventId == token);
+            if (evt is not null) return evt;
+            logger.LogTrace("ResolveTokenToEvent({token}, Room({room})): event not in requested room...", token, room.RoomId);
+            return null;
+        }
+        else {
+            // we have a sync token
+            logger.LogTrace("ResolveTokenToEvent(SyncToken({token}), Room({room}))", token, room.RoomId);
+            throw new NotImplementedException();
+        }
+    }
+}
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Services/RoomStore.cs b/Tests/LibMatrix.HomeserverEmulator/Services/RoomStore.cs
index d2c9e15..7b36f37 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Services/RoomStore.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Services/RoomStore.cs
@@ -3,24 +3,24 @@ using System.Collections.Frozen;
 using System.Collections.Immutable;
 using System.Collections.ObjectModel;
 using System.Collections.Specialized;
-using System.Security.Cryptography;
 using System.Text.Json;
 using System.Text.Json.Nodes;
-using System.Text.Json.Serialization;
 using ArcaneLibs;
 using ArcaneLibs.Collections;
 using ArcaneLibs.Extensions;
-using LibMatrix.EventTypes;
 using LibMatrix.EventTypes.Spec.State;
+using LibMatrix.HomeserverEmulator.Controllers.Rooms;
 using LibMatrix.Responses;
 
 namespace LibMatrix.HomeserverEmulator.Services;
 
 public class RoomStore {
+    private readonly ILogger<RoomStore> _logger;
     public ConcurrentBag<Room> _rooms = new();
     private Dictionary<string, Room> _roomsById = new();
 
-    public RoomStore(HSEConfiguration config) {
+    public RoomStore(ILogger<RoomStore> logger, HSEConfiguration config) {
+        _logger = logger;
         if (config.StoreData) {
             var path = Path.Combine(config.DataStoragePath, "rooms");
             if (!Directory.Exists(path)) Directory.CreateDirectory(path);
@@ -50,8 +50,19 @@ public class RoomStore {
         return CreateRoom(new() { });
     }
 
-    public Room CreateRoom(CreateRoomRequest request) {
+    public Room CreateRoom(CreateRoomRequest request, UserStore.User? user = null) {
         var room = new Room(roomId: $"!{Guid.NewGuid().ToString()}");
+        var newCreateEvent = new StateEvent() {
+            Type = RoomCreateEventContent.EventId,
+            RawContent = new() { }
+        };
+        foreach (var (key, value) in request.CreationContent) {
+            newCreateEvent.RawContent[key] = value.DeepClone();
+        }
+
+        if (user != null) newCreateEvent.RawContent["creator"] = user.UserId;
+        var createEvent = room.SetStateInternal(newCreateEvent);
+
         if (!string.IsNullOrWhiteSpace(request.Name))
             room.SetStateInternal(new StateEvent() {
                 Type = RoomNameEventContent.EventId,
@@ -77,23 +88,33 @@ public class RoomStore {
         return room;
     }
 
+    public Room AddRoom(Room room) {
+        _rooms.Add(room);
+        RebuildIndexes();
+
+        return room;
+    }
+
     public class Room : NotifyPropertyChanged {
         private CancellationTokenSource _debounceCts = new();
         private ObservableCollection<StateEventResponse> _timeline;
         private ObservableDictionary<string, List<StateEventResponse>> _accountData;
+        private ObservableDictionary<string, ReadMarkersData> _readMarkers;
+        private FrozenSet<StateEventResponse> _stateCache;
+        private int _timelineHash;
 
         public Room(string roomId) {
             if (string.IsNullOrWhiteSpace(roomId)) throw new ArgumentException("Value cannot be null or whitespace.", nameof(roomId));
             if (roomId[0] != '!') throw new ArgumentException("Room ID must start with !", nameof(roomId));
             RoomId = roomId;
-            State = FrozenSet<StateEventResponse>.Empty;
             Timeline = new();
             AccountData = new();
+            ReadMarkers = new();
         }
 
         public string RoomId { get; set; }
 
-        public FrozenSet<StateEventResponse> State { get; private set; }
+        public FrozenSet<StateEventResponse> State => _timelineHash == _timeline.GetHashCode() ? _stateCache : RebuildState();
 
         public ObservableCollection<StateEventResponse> Timeline {
             get => _timeline;
@@ -129,11 +150,21 @@ public class RoomStore {
         public ImmutableList<StateEventResponse> JoinedMembers =>
             State.Where(s => s is { Type: RoomMemberEventContent.EventId, TypedContent: RoomMemberEventContent { Membership: "join" } }).ToImmutableList();
 
+        public ObservableDictionary<string, ReadMarkersData> ReadMarkers {
+            get => _readMarkers;
+            set {
+                if (Equals(value, _readMarkers)) return;
+                _readMarkers = new(value);
+                _readMarkers.CollectionChanged += (sender, args) => SaveDebounced();
+                OnPropertyChanged();
+            }
+        }
+
         internal StateEventResponse SetStateInternal(StateEvent request) {
             var state = new StateEventResponse() {
                 Type = request.Type,
-                StateKey = request.StateKey,
-                EventId = Guid.NewGuid().ToString(),
+                StateKey = request.StateKey ?? "",
+                EventId = "$" + Guid.NewGuid().ToString(),
                 RoomId = RoomId,
                 OriginServerTs = DateTimeOffset.Now.ToUnixTimeMilliseconds(),
                 Sender = "",
@@ -142,12 +173,12 @@ public class RoomStore {
                     : JsonSerializer.Deserialize<JsonObject>(JsonSerializer.Serialize(request.TypedContent)))
             };
             Timeline.Add(state);
-            if (state.StateKey is not null)
-                // we want state to be deduplicated by type and key, and we want the latest state to be the one that is returned
-                State = Timeline.Where(s => s.StateKey != null)
-                    .OrderByDescending(s => s.OriginServerTs)
-                    .DistinctBy(x => (x.Type, x.StateKey))
-                    .ToFrozenSet();
+            // if (state.StateKey is not null)
+            // we want state to be deduplicated by type and key, and we want the latest state to be the one that is returned
+            // State = Timeline.Where(s => s.StateKey != null)
+            // .OrderByDescending(s => s.OriginServerTs)
+            // .DistinctBy(x => (x.Type, x.StateKey))
+            // .ToFrozenSet();
             return state;
         }
 
@@ -179,12 +210,32 @@ public class RoomStore {
             catch (TaskCanceledException) { }
         }
 
-        private void RebuildState() {
-            State = Timeline //.Where(s => s.Type == state.Type && s.StateKey == state.StateKey)
+        private FrozenSet<StateEventResponse> RebuildState() {
+            foreach (var evt in Timeline) {
+                if (evt.EventId == null)
+                    evt.EventId = "$" + Guid.NewGuid();
+                else if (!evt.EventId.StartsWith('$')) {
+                    evt.EventId = "$" + evt.EventId;
+                    Console.WriteLine($"Sanitised invalid event ID {evt.EventId}");
+                }
+            }
+
+            _stateCache = Timeline //.Where(s => s.Type == state.Type && s.StateKey == state.StateKey)
                 .Where(x => x.StateKey != null)
                 .OrderByDescending(s => s.OriginServerTs)
                 .DistinctBy(x => (x.Type, x.StateKey))
                 .ToFrozenSet();
+
+            return _stateCache;
         }
     }
+
+    public List<StateEventResponse> GetRoomsByMember(string userId) {
+        // return _rooms
+        // // .Where(r => r.State.Any(s => s.Type == RoomMemberEventContent.EventId && s.StateKey == userId))
+        // .Select(r => (Room: r, MemberEvent: r.State.SingleOrDefault(s => s.Type == RoomMemberEventContent.EventId && s.StateKey == userId)))
+        // .Where(r => r.MemberEvent != null)
+        // .ToDictionary(x => x.Room, x => x.MemberEvent!);
+        return _rooms.SelectMany(r => r.State.Where(s => s.Type == RoomMemberEventContent.EventId && s.StateKey == userId)).ToList();
+    }
 }
\ No newline at end of file
diff --git a/Tests/LibMatrix.HomeserverEmulator/Services/TokenService.cs b/Tests/LibMatrix.HomeserverEmulator/Services/TokenService.cs
index 1f59342..cf79aae 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Services/TokenService.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Services/TokenService.cs
@@ -1,7 +1,7 @@
 namespace LibMatrix.HomeserverEmulator.Services;
 
 public class TokenService{
-    public string? GetAccessToken(HttpContext ctx) {
+    public string? GetAccessTokenOrNull(HttpContext ctx) {
         //qry
         if (ctx.Request.Query.TryGetValue("access_token", out var token)) {
             return token;
@@ -16,6 +16,13 @@ public class TokenService{
         return null;
     }
 
+    public string GetAccessToken(HttpContext ctx) {
+        return GetAccessTokenOrNull(ctx) ?? throw new MatrixException() {
+            ErrorCode = MatrixException.ErrorCodes.M_UNKNOWN_TOKEN,
+            Error = "Missing token"
+        };
+    }
+
     public string? GenerateServerName(HttpContext ctx) {
         return ctx.Request.Host.ToString();
     }
diff --git a/Tests/LibMatrix.HomeserverEmulator/Services/UserStore.cs b/Tests/LibMatrix.HomeserverEmulator/Services/UserStore.cs
index 4f238a0..4ce9f92 100644
--- a/Tests/LibMatrix.HomeserverEmulator/Services/UserStore.cs
+++ b/Tests/LibMatrix.HomeserverEmulator/Services/UserStore.cs
@@ -18,11 +18,15 @@ public class UserStore {
     public UserStore(HSEConfiguration config, RoomStore roomStore) {
         _roomStore = roomStore;
         if (config.StoreData) {
-            var path = Path.Combine(config.DataStoragePath, "users");
-            if (!Directory.Exists(path)) Directory.CreateDirectory(path);
-            foreach (var file in Directory.GetFiles(path)) {
-                var user = JsonSerializer.Deserialize<User>(File.ReadAllText(file));
-                if (user is not null) _users.Add(user);
+            var dataDir = Path.Combine(HSEConfiguration.Current.DataStoragePath, "users");
+            if (!Directory.Exists(dataDir)) Directory.CreateDirectory(dataDir);
+            foreach (var userId in Directory.GetDirectories(dataDir)) {
+                var tokensDir = Path.Combine(dataDir, userId, "tokens.json");
+                var path = Path.Combine(dataDir, userId, $"user.json");
+
+                var user = JsonSerializer.Deserialize<User>(File.ReadAllText(path));
+                user!.AccessTokens = JsonSerializer.Deserialize<ObservableDictionary<string, User.SessionInfo>>(File.ReadAllText(tokensDir))!;
+                _users.Add(user);
             }
 
             Console.WriteLine($"Loaded {_users.Count} users from disk");
@@ -42,7 +46,7 @@ public class UserStore {
         return await CreateUser(userId);
     }
 
-    public async Task<User?> GetUserByToken(string token, bool createIfNotExists = false, string? serverName = null) {
+    public async Task<User?> GetUserByTokenOrNull(string token, bool createIfNotExists = false, string? serverName = null) {
         if (_users.Any(x => x.AccessTokens.ContainsKey(token)))
             return _users.First(x => x.AccessTokens.ContainsKey(token));
 
@@ -53,6 +57,13 @@ public class UserStore {
         return await CreateUser(uid);
     }
 
+    public async Task<User> GetUserByToken(string token, bool createIfNotExists = false, string? serverName = null) {
+        return await GetUserByTokenOrNull(token, createIfNotExists, serverName) ?? throw new MatrixException() {
+            ErrorCode = MatrixException.ErrorCodes.M_UNKNOWN_TOKEN,
+            Error = "Invalid token."
+        };
+    }
+
     public async Task<User> CreateUser(string userId, Dictionary<string, object>? profile = null) {
         profile ??= new();
         if (!profile.ContainsKey("displayname")) profile.Add("displayname", userId.Split(":")[0]);
@@ -97,6 +108,7 @@ public class UserStore {
             Profile = new();
             AccountData = new();
             RoomKeys = new();
+            AuthorizedSessions = new();
         }
 
         private CancellationTokenSource _debounceCts = new();
@@ -106,6 +118,7 @@ public class UserStore {
         private ObservableDictionary<string, object> _profile;
         private ObservableCollection<StateEventResponse> _accountData;
         private ObservableDictionary<string, RoomKeysResponse> _roomKeys;
+        private ObservableDictionary<string, AuthorizedSession> _authorizedSessions;
 
         public string UserId {
             get => _userId;
@@ -162,15 +175,29 @@ public class UserStore {
             }
         }
 
+        public ObservableDictionary<string, AuthorizedSession> AuthorizedSessions {
+            get => _authorizedSessions;
+            set {
+                if (value == _authorizedSessions) return;
+                _authorizedSessions = new(value);
+                _authorizedSessions.CollectionChanged += async (sender, args) => await SaveDebounced();
+                OnPropertyChanged();
+            }
+        }
+
         public async Task SaveDebounced() {
             if (!HSEConfiguration.Current.StoreData) return;
-            _debounceCts.Cancel();
+            await _debounceCts.CancelAsync();
             _debounceCts = new CancellationTokenSource();
             try {
                 await Task.Delay(250, _debounceCts.Token);
-                var path = Path.Combine(HSEConfiguration.Current.DataStoragePath, "users", $"{_userId}.json");
+                var dataDir = Path.Combine(HSEConfiguration.Current.DataStoragePath, "users", _userId);
+                if (!Directory.Exists(dataDir)) Directory.CreateDirectory(dataDir);
+                var tokensDir = Path.Combine(dataDir, "tokens.json");
+                var path = Path.Combine(dataDir, $"user.json");
                 Console.WriteLine($"Saving user {_userId} to {path}!");
                 await File.WriteAllTextAsync(path, this.ToJson(ignoreNull: true));
+                await File.WriteAllTextAsync(tokensDir, AccessTokens.ToJson(ignoreNull: true));
             }
             catch (TaskCanceledException) { }
             catch (InvalidOperationException) { } // We don't care about 100% data safety, this usually happens when something is updated while serialising
@@ -187,7 +214,19 @@ public class UserStore {
 
                 public class SyncRoomPosition {
                     public int TimelinePosition { get; set; }
+                    public string LastTimelineEventId { get; set; }
                     public int AccountDataPosition { get; set; }
+                    public bool Joined { get; set; }
+                }
+
+                public UserSyncState Clone() {
+                    return new() {
+                        FilterId = FilterId,
+                        RoomPositions = RoomPositions.ToDictionary(x => x.Key, x => new SyncRoomPosition() {
+                            TimelinePosition = x.Value.TimelinePosition,
+                            AccountDataPosition = x.Value.AccountDataPosition
+                        })
+                    };
                 }
             }
         }
@@ -202,5 +241,10 @@ public class UserStore {
                 UserId = UserId
             };
         }
+
+        public class AuthorizedSession {
+            public string Homeserver { get; set; }
+            public string AccessToken { get; set; }
+        }
     }
 }
\ No newline at end of file