Add permission level to deny login-matrix

Open AndrewFerr opened this issue 1 year ago • 3 comments

as some instances may want to discourage users from sharing their Matrix access tokens.

Jan 30 '24 13:01 AndrewFerr

Rebased onto the latest release to facilitate clean merging with downstream branches.

Jan 31 '24 15:01 AndrewFerr

Putting this in draft while I try writing an alternative approach that should be simpler / less impactful than making a new permission level.

Feb 01 '24 12:02 AndrewFerr

Having a special value in login_shared_secret_map or double_puppet_server_map to disallow double puppeting per server might work. Technically you could already set a fake address in the url map, which would break double puppeting.

Alternatively, you could just let people enable it if they want 🤔 Adding a check similar to what mautrix-python has to ensure the provided token doesn't have e2ee keys would be a good idea to prevent users from breaking their existing clients, but I don't see any other reason to prohibit it.

Feb 01 '24 12:02 tulir