dendrite/clientapi
S7evinK cda2452ba0
Only allow device deletion from session UIA was initiated from (#2235)
* Only allow device deletion if the session matches

* Make the challenge response available to other packages

* Remove userID, as it's not in the spec

* Remove tests

* Add passing test & remove obsolete config

* Rename field, add comment

Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
2022-03-01 16:39:57 +00:00
..
api Implement ExtraPublicRoomsProvider for p2p demos (#1180) 2020-07-03 12:59:00 +01:00
auth Only allow device deletion from session UIA was initiated from (#2235) 2022-03-01 16:39:57 +00:00
httputil Support for m.login.token (#2014) 2022-02-10 10:27:26 +00:00
jsonerror Implement server notices (#2180) 2022-02-18 16:05:03 +01:00
producers Tweak some logging (#2130) 2022-01-31 10:48:28 +00:00
routing Only allow device deletion from session UIA was initiated from (#2235) 2022-03-01 16:39:57 +00:00
threepid Merge both user API databases into one (#2186) 2022-02-18 11:31:05 +00:00
userutil - Removed double imports (#1989) 2021-09-08 17:31:03 +01:00
clientapi.go Merge both user API databases into one (#2186) 2022-02-18 11:31:05 +00:00
README.md use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00

This component roughly corresponds to "Client Room Send" and "Client Sync" on the WIRING diagram. This component produces multiple binaries.

Internals

  • HTTP routing is done using gorilla/mux and the routing paths are in the routing package.

Writers

  • Each HTTP "write operation" (/createRoom, /rooms/$room_id/send/$type, etc) is contained entirely to a single file in the writers package.
  • This file contains the request and response struct definitions, as well as a Validate() bool function to validate incoming requests.
  • The entry point for each write operation is a stand-alone function as this makes testing easier. All dependencies should be injected into this function, including server keys/name, etc.