summary refs log tree commit diff
path: root/synapse/rest/client/v2_alpha/devices.py
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/rest/client/v2_alpha/devices.py')
-rw-r--r--synapse/rest/client/v2_alpha/devices.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/synapse/rest/client/v2_alpha/devices.py b/synapse/rest/client/v2_alpha/devices.py

index 8b9ab4f674..30ef8b3da9 100644
--- a/synapse/rest/client/v2_alpha/devices.py
+++ b/synapse/rest/client/v2_alpha/devices.py
@@ -70,6 +70,20 @@ class DeviceRestServlet(RestServlet):
         )
         defer.returnValue((200, device))
 
+    @defer.inlineCallbacks
+    def on_DELETE(self, request, device_id):
+        # XXX: it's not completely obvious we want to expose this endpoint.
+        # It allows the client to delete access tokens, which feels like a
+        # thing which merits extra auth. But if we want to do the interactive-
+        # auth dance, we should really make it possible to delete more than one
+        # device at a time.
+        requester = yield self.auth.get_user_by_req(request)
+        yield self.device_handler.delete_device(
+            requester.user.to_string(),
+            device_id,
+        )
+        defer.returnValue((200, {}))
+
 
 def register_servlets(hs, http_server):
     DevicesRestServlet(hs).register(http_server)
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-03-22 02:00:20 +0000