TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-14 20:08:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
5b1160de1e
zitadel/internal/api/grpc/session/v2
History
Tim Möhlmann 5b1160de1e
feat(session): allow update of session without token (#7963) 
# Which Problems Are Solved

The session update requires the current session token as argument.
Since this adds extra complexity but no real additional security and
prevents case like magic links, we want to remove this requirement.

We still require the session token on other resouces / endpoints, e.g.
for finalizing the auth request or on idp intents.

# How the Problems Are Solved

- Removed the session token verifier in the Update Session GRPc call.
- Removed the session token from login UI examples session update calls

# Additional Changes

- none

# Additional Context

- Closes #7883
2024-05-22 05:56:11 +00:00
..
server.go feat: user v2 service query (#7095) 2024-01-17 10:00:10 +01:00
session_integration_test.go feat(session): allow update of session without token (#7963) 2024-05-22 05:56:11 +00:00
session_test.go fix(API): remove deprecated organisation_id from user factor in session service (#7631) 2024-03-26 11:25:40 +00:00
session.go feat(session): allow update of session without token (#7963) 2024-05-22 05:56:11 +00:00