/tokenrefresh should expire the access token

It's possible for clients to call /tokenrefresh before the access_token has
expired, potentially leading to a proliferation of valid access_tokens.
Richard van der Hoff 2016-07-19 09:17:14 +01:00
parent 66bfd0462b
commit ec20f15407
3 changed files with 12 additions and 3 deletions

@ -5,6 +5,8 @@
- Spell out the way that state is handled by ``POST /createRoom``
(`#362 <https://github.com/matrix-org/matrix-doc/pull/362>`_).
- Emphasise that ``POST /tokenrefresh`` should expire the access token
(`#363 <https://github.com/matrix-org/matrix-doc/pull/363>`_).
r0.2.0
======
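Review bot: The added entry "Emphasise that ``POST /tokenrefresh`` should expire the access token" does not say which access token is meant. After a refresh there is the previously issued token and the one the call returns, and the commit message's concern is the earlier one staying valid. Suggest "should expire the old access token" so the changelog reads unambiguously on its own. Because the entry is phrased with "should", it is also worth confirming that the spec text it points to makes clear whether a server that leaves the earlier token valid is still conformant.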