diff options
author | Richard van der Hoff <github@rvanderhoff.org.uk> | 2017-11-29 17:56:46 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-29 17:56:46 +0000 |
commit | 7a48a6b63e9b4c1a81e04f2a0c8ac31a053ff29a (patch) | |
tree | f8d8f53bdf064d0033be76bc3c4ce8bc1582540f /synapse/rest/client/v1/logout.py | |
parent | Merge pull request #2718 from matrix-org/rav/notify_logcontexts (diff) | |
parent | Delete devices in various logout situations (diff) | |
download | synapse-7a48a6b63e9b4c1a81e04f2a0c8ac31a053ff29a.tar.xz |
Merge pull request #2722 from matrix-org/rav/delete_device_on_logout
Delete devices and pushers on logouts etc
Diffstat (limited to 'synapse/rest/client/v1/logout.py')
-rw-r--r-- | synapse/rest/client/v1/logout.py | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/synapse/rest/client/v1/logout.py b/synapse/rest/client/v1/logout.py index 6add754782..ca49955935 100644 --- a/synapse/rest/client/v1/logout.py +++ b/synapse/rest/client/v1/logout.py @@ -16,6 +16,7 @@ from twisted.internet import defer from synapse.api.auth import get_access_token_from_request +from synapse.api.errors import AuthError from .base import ClientV1RestServlet, client_path_patterns @@ -30,15 +31,30 @@ class LogoutRestServlet(ClientV1RestServlet): def __init__(self, hs): super(LogoutRestServlet, self).__init__(hs) + self._auth = hs.get_auth() self._auth_handler = hs.get_auth_handler() + self._device_handler = hs.get_device_handler() def on_OPTIONS(self, request): return (200, {}) @defer.inlineCallbacks def on_POST(self, request): - access_token = get_access_token_from_request(request) - yield self._auth_handler.delete_access_token(access_token) + try: + requester = yield self.auth.get_user_by_req(request) + except AuthError: + # this implies the access token has already been deleted. + pass + else: + if requester.device_id is None: + # the acccess token wasn't associated with a device. + # Just delete the access token + access_token = get_access_token_from_request(request) + yield self._auth_handler.delete_access_token(access_token) + else: + yield self._device_handler.delete_device( + requester.user.to_string(), requester.device_id) + defer.returnValue((200, {})) @@ -49,6 +65,7 @@ class LogoutAllRestServlet(ClientV1RestServlet): super(LogoutAllRestServlet, self).__init__(hs) self.auth = hs.get_auth() self._auth_handler = hs.get_auth_handler() + self._device_handler = hs.get_device_handler() def on_OPTIONS(self, request): return (200, {}) @@ -57,6 +74,12 @@ class LogoutAllRestServlet(ClientV1RestServlet): def on_POST(self, request): requester = yield self.auth.get_user_by_req(request) user_id = requester.user.to_string() + + # first delete all of the user's devices + yield self._device_handler.delete_all_devices_for_user(user_id) + + # .. and then delete any access tokens which weren't associated with + # devices. yield self._auth_handler.delete_access_tokens_for_user(user_id) defer.returnValue((200, {})) |