0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-15 17:43:52 +01:00

Return 401 for invalid access_token on logout

Signed-off-by: Duncan Klug <dklug@ucmerced.edu>
This commit is contained in:
dklug 2018-03-02 22:01:27 -08:00
parent 6619f047ad
commit af7ed8e1ef

View file

@ -44,7 +44,10 @@ class LogoutRestServlet(ClientV1RestServlet):
requester = yield self.auth.get_user_by_req(request) requester = yield self.auth.get_user_by_req(request)
except AuthError: except AuthError:
# this implies the access token has already been deleted. # this implies the access token has already been deleted.
pass defer.returnValue((401, {
"errcode": "M_UNKNOWN_TOKEN",
"error": "Access Token unknown or expired"
}))
else: else:
if requester.device_id is None: if requester.device_id is None:
# the acccess token wasn't associated with a device. # the acccess token wasn't associated with a device.