Login: Implement Token-based authentication

anoadragon453 commented 6 years ago

Spec URL: https://matrix.org/docs/spec/client_server/r0.3.0.html#post-matrix-client-r0-login https://matrix.org/docs/spec/client_server/r0.5.0#token-based

Difficulty: Medium

https://github.com/matrix-org/dendrite/blob/dfcf31f293a319830e2b8a188413db776930a5e5/src/github.com/matrix-org/dendrite/clientapi/routing/login.go#L60-L146

We currently only allow password-based authentication for login. Token-based authentication will be necessary for basic operation with clients. Currently users have tokens generated for them, we just need to check them on login.

Summary:

[ ] Differentiate between "type": "m.login.token" and "m.login.password" in request body
[ ] Authenticate user based on token and device ID. Relationship between access tokens and devices
[ ] Create test case(s) for logging in with access token

APwhitehat commented 6 years ago

@anoadragon453 This is phase 1 as well, may I take this up ?

anoadragon453 commented 6 years ago

@APwhitehat Certainly!

tommie commented 3 years ago

I'm forking #1374 and splitting apart the login stuff to be PRd separately first.

matrix-org / dendrite

Login: Implement Token-based authentication #403