Skip to content
Snippets Groups Projects
Unverified Commit 76f9c701 authored by Patrick Cloke's avatar Patrick Cloke Committed by GitHub
Browse files

Always require users to re-authenticate for dangerous operations. (#10184) 

Dangerous actions means deactivating an account, modifying an account
password, or adding a 3PID.

Other actions (deleting devices, uploading keys) can re-use the same UI
auth session if ui_auth.session_timeout is configured.
parent b8b282aa
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment