forked from MirrorHub/synapse
Merge pull request #2938 from dklug/develop
Return 401 for invalid access_token on logout
This commit is contained in:
commit
37354b55c9
1 changed files with 4 additions and 1 deletions
|
@ -44,7 +44,10 @@ class LogoutRestServlet(ClientV1RestServlet):
|
|||
requester = yield self.auth.get_user_by_req(request)
|
||||
except AuthError:
|
||||
# this implies the access token has already been deleted.
|
||||
pass
|
||||
defer.returnValue((401, {
|
||||
"errcode": "M_UNKNOWN_TOKEN",
|
||||
"error": "Access Token unknown or expired"
|
||||
}))
|
||||
else:
|
||||
if requester.device_id is None:
|
||||
# the acccess token wasn't associated with a device.
|
||||
|
|
Loading…
Reference in a new issue