access_token: don't allow RestrictedAccessToken without another login
This keep the current behavior. Invalidating all logins is also a way to disable login for this user without having to find all tokens and invalidate them one by one
Showing
This keep the current behavior. Invalidating all logins is also a way to disable login for this user without having to find all tokens and invalidate them one by one
mentioned in merge request !838 (merged)
·