E.g. with an AppToken that has been revoked Signed-off-by: Joas Schilling <coding@schilljs.com>tags/v22.0.0beta1
@@ -599,6 +599,8 @@ class Session implements IUserSession, Emitter { | |||
return true; | |||
} | |||
// If credentials were provided, they need to be valid, otherwise we do boom | |||
throw new LoginException(); | |||
} catch (PasswordLoginForbiddenException $ex) { | |||
// Nothing to do | |||
} |