Split login_via_existing_session conf item to login_via_token.

Signed-off-by: Jason Volk <jason@zemos.net>
2026-01-24 03:01:56 +00:00
parent 7ff51a8eca
commit f048f87dac
3 changed files with 30 additions and 6 deletions
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@@ -954,11 +954,25 @@ pub struct Config {
 	/// Allow an existing session to mint a login token for another client.
 	/// This requires interactive authentication, but has security ramifications
 	/// as a malicious client could use the mechanism to spawn more than one
-	/// session.
-	/// Enabled by default.
+	/// session. Enabled by default.
+	///
+	/// default: true
 	#[serde(default = "true_fn")]
 	pub login_via_existing_session: bool,

+	/// Whether to enable the login token route to accept login tokens at all.
+	/// Login tokens may be generated by the server for authorization flows such
+	/// as SSO; disabling tokens may break such features.
+	///
+	/// This option is distinct from `login_via_existing_session` and does not
+	/// carry the same security implications; the intent is to leave this
+	/// enabled while disabling the former to prevent clients from commanding
+	/// login token creation but without preventing the server from doing so.
+	///
+	/// default: true
+	#[serde(default = "true_fn")]
+	pub login_via_token: bool,
+
 	/// Login token expiration/TTL in milliseconds.
 	///
 	/// These are short-lived tokens for the m.login.token endpoint.