diff options
| author | David Baker <dave@matrix.org> | 2016-03-11 13:14:18 +0000 |
|---|---|---|
| committer | David Baker <dave@matrix.org> | 2016-03-11 13:14:18 +0000 |
| commit | aa11db5f119b9fa88242b0df95cfddd00e196ca1 (patch) | |
| tree | ebf68ea7e6d5b084ba3d8ded10bfa265ca88b6e7 /synapse/handlers/auth.py | |
| parent | Merge pull request #638 from matrix-org/daniel/appserviceid (diff) | |
| download | synapse-aa11db5f119b9fa88242b0df95cfddd00e196ca1.tar.xz | |
Fix cache invalidation so deleting access tokens (which we did when changing password) actually takes effect without HS restart. Reinstate the code to avoid logging out the session that changed the password, removed in 415c2f05491ce65a4fc34326519754cd1edd9c54
Diffstat (limited to 'synapse/handlers/auth.py')
| -rw-r--r-- | synapse/handlers/auth.py | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 7a4afe446d..a740cc3da3 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -432,13 +432,18 @@ class AuthHandler(BaseHandler): ) @defer.inlineCallbacks - def set_password(self, user_id, newpassword): + def set_password(self, user_id, newpassword, requester=None): password_hash = self.hash(newpassword) + except_access_token_ids = [requester.access_token_id] if requester else [] + yield self.store.user_set_password_hash(user_id, password_hash) - yield self.store.user_delete_access_tokens(user_id) - yield self.hs.get_pusherpool().remove_pushers_by_user(user_id) - yield self.store.flush_user(user_id) + yield self.store.user_delete_access_tokens_except( + user_id, except_access_token_ids + ) + yield self.hs.get_pusherpool().remove_pushers_by_user_except_access_tokens( + user_id, except_access_token_ids + ) @defer.inlineCallbacks def add_threepid(self, user_id, medium, address, validated_at): |