From 6dc0447320272aaae51a98eb6606597019f986d3 Mon Sep 17 00:00:00 2001
From: Daniel Weipert <git@mail.dweipert.de>
Date: Wed, 20 Aug 2025 14:58:10 +0200
Subject: login produces devices and tokens

---
 src/Controllers/KeyController.php | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'src/Controllers/KeyController.php')

diff --git a/src/Controllers/KeyController.php b/src/Controllers/KeyController.php
index a999e40..5050d9b 100644
--- a/src/Controllers/KeyController.php
+++ b/src/Controllers/KeyController.php
@@ -2,6 +2,10 @@
 
 namespace App\Controllers;
 
+use App\Errors\AppException;
+use App\Errors\ErrorCode;
+use App\Models\Tokens;
+use App\Support\RequestValidator;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -29,4 +33,34 @@ class KeyController
 
   public function query(string $serverName): Response
   {}
+
+  /**
+   * POST /_matrix/client/v3/refresh
+   */
+  public function refresh(): Response
+  {
+    $request = Request::createFromGlobals();
+    RequestValidator::validateJson();
+    $body = json_decode($request->getContent(), true);
+
+    $tokens = Tokens::fetchWithRefreshToken($body["refresh_token"]);
+
+    if (empty($tokens)) {
+      throw new AppException(
+        ErrorCode::UNKNOWN_TOKEN,
+        "Soft logged out",
+        Response::HTTP_UNAUTHORIZED,
+        ["soft_logout" => true],
+      );
+    }
+
+    $newTokens = Tokens::new($tokens->getUserId(), $tokens->getDeviceId());
+    $newTokens->insert();
+
+    return new JsonResponse([
+      "access_token" => $newTokens->getAccessToken(),
+      "expires_in" => $newTokens->getExpiresIn(),
+      "refresh_token" => $newTokens->getRefreshToken(),
+    ]);
+  }
 }
-- 
cgit v1.2.3