synapse-product/synapse/api
Erik Johnston f21e24ffc2
Add ability for access tokens to belong to one user but grant access to another user. (#8616)
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't).

A future PR will add an API for creating such a token.

When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
2020-10-29 15:58:44 +00:00
..
__init__.py copyrights 2016-01-07 04:26:29 +00:00
auth_blocking.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
auth.py Add ability for access tokens to belong to one user but grant access to another user. (#8616) 2020-10-29 15:58:44 +00:00
constants.py Do not assume that account data is of the correct form. (#8454) 2020-10-05 09:28:05 -04:00
errors.py Simplify super() calls to Python 3 syntax. (#8344) 2020-09-18 09:56:44 -04:00
filtering.py Simplify super() calls to Python 3 syntax. (#8344) 2020-09-18 09:56:44 -04:00
presence.py Convert stream database to async/await. (#8074) 2020-08-17 07:24:46 -04:00
ratelimiting.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
room_versions.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
urls.py Show a confirmation page during user password reset (#8004) 2020-09-10 11:45:12 +01:00