This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Allow updating password without logging out sessions via admin api #12949
Labels
good first issue
Good for newcomers
T-Enhancement
New features, changes in functionality, improvements in performance, or user-facing enhancements.
Comments
|
This is possible for the client endpoint (see MSC2457), so all the infrastructure should be there. It looks like we just need to read synapse/synapse/rest/admin/users.py Lines 307 to 316 in e24ff8e |
|
It is also possible with this endpoint: https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#reset-password |
|
So, while this doesn't include the option to soft-logout, I've opened #12952 to at least brings it to the same state as the reset-password and regular client-server password changing API. |
4 tasks
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It'd be helpful to allow resetting passwords for users without logging them out of all of their sessions. When a user doesn't have their security key saved properly, as many do, this will prevent them from loosing access to their message history. What I'd imagine is a query parameter for the user update endpoint, that allows choosing between no logout at all, a soft-logout and a real logout, with the default being the real logout to not have a breaking change there.
I think a soft-logout is probably always the desired thing to do here, but there's also cases where no logout at all is the best option.
For additional context: Awesome-Technologies/synapse-admin#268
The text was updated successfully, but these errors were encountered: