Save login tokens in database (#13844)

* Save login tokens in database Signed-off-by: Quentin Gliech <quenting@element.io> * Add upgrade notes * Track login token reuse in a Prometheus metric Signed-off-by: Quentin Gliech <quenting@element.io>
2025-08-10 16:30:07 -04:00 · 2022-10-26 12:45:41 +02:00 · 2022-10-26 12:45:41 +02:00 · 8756d5c87e
commit 8756d5c87e
parent d902181de9
11 changed files with 338 additions and 228 deletions
--- a/tests/util/test_macaroons.py
+++ b/tests/util/test_macaroons.py
@ -84,34 +84,6 @@ class MacaroonGeneratorTestCase(TestCase):
        )
        self.assertEqual(user_id, "@user:tesths")

-    def test_short_term_login_token(self):
-        """Test the generation and verification of short-term login tokens"""
-        token = self.macaroon_generator.generate_short_term_login_token(
-            user_id="@user:tesths",
-            auth_provider_id="oidc",
-            auth_provider_session_id="sid",
-            duration_in_ms=2 * 60 * 1000,
-        )
-
-        info = self.macaroon_generator.verify_short_term_login_token(token)
-        self.assertEqual(info.user_id, "@user:tesths")
-        self.assertEqual(info.auth_provider_id, "oidc")
-        self.assertEqual(info.auth_provider_session_id, "sid")
-
-        # Raises with another secret key
-        with self.assertRaises(MacaroonVerificationFailedException):
-            self.other_macaroon_generator.verify_short_term_login_token(token)
-
-        # Wait a minute
-        self.reactor.pump([60])
-        # Shouldn't raise
-        self.macaroon_generator.verify_short_term_login_token(token)
-        # Wait another minute
-        self.reactor.pump([60])
-        # Should raise since it expired
-        with self.assertRaises(MacaroonVerificationFailedException):
-            self.macaroon_generator.verify_short_term_login_token(token)
-
    def test_oidc_session_token(self):
        """Test the generation and verification of OIDC session cookies"""
        state = "arandomstate"