diff options
author | Quentin Gliech <quentingliech@gmail.com> | 2021-06-24 15:33:20 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-24 14:33:20 +0100 |
commit | bd4919fb72b2a75f1c0a7f0c78bd619fd2ae30e8 (patch) | |
tree | 04a988e47720e9c58c99f05b74121e03ebe1f5f4 /synapse/api/auth.py | |
parent | Merge tag 'v1.37.0rc1' into develop (diff) | |
download | synapse-bd4919fb72b2a75f1c0a7f0c78bd619fd2ae30e8.tar.xz |
MSC2918 Refresh tokens implementation (#9450)
This implements refresh tokens, as defined by MSC2918 This MSC has been implemented client side in Hydrogen Web: vector-im/hydrogen-web#235 The basics of the MSC works: requesting refresh tokens on login, having the access tokens expire, and using the refresh token to get a new one. Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
Diffstat (limited to 'synapse/api/auth.py')
-rw-r--r-- | synapse/api/auth.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index edf1b918eb..29cf257633 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -245,6 +245,11 @@ class Auth: errcode=Codes.GUEST_ACCESS_FORBIDDEN, ) + # Mark the token as used. This is used to invalidate old refresh + # tokens after some time. + if not user_info.token_used and token_id is not None: + await self.store.mark_access_token_as_used(token_id) + requester = create_requester( user_info.user_id, token_id, |