mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2025-05-02 17:44:49 -04:00
Rip out more refresh_token code
We might as well treat all refresh_tokens as invalid. Just return a 403 from /tokenrefresh, so that we don't have a load of dead, untestable code hanging around. Still TODO: removing the table from the schema.
This commit is contained in:
Richard van der Hoff
parent
dc4b23e1a1
commit
aa09d6b8f0
7 changed files with 5 additions and 160 deletions
|
|
@ -440,8 +440,6 @@ class RegisterRestServlet(RestServlet):
|
|||
access_token = self.auth_handler.generate_access_token(
|
||||
user_id, ["guest = true"]
|
||||
)
|
||||
# XXX the "guest" caveat is not copied by /tokenrefresh. That's ok
|
||||
# so long as we don't return a refresh_token here.
|
||||
defer.returnValue((200, {
|
||||
"user_id": user_id,
|
||||
"device_id": device_id,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue