Merge remote-tracking branch 'origin/anoa/info-mainline-no-check-password-reset-backport' into bbz/info-mainline-1.20.1

author: Ben Banfield-Zanin <benbz@matrix.org> 2020-09-29 09:17:11 +0100
committer: Ben Banfield-Zanin <benbz@matrix.org> 2020-09-29 09:17:11 +0100
commit: cc716784257388574f6a7c8c41d1c6cf04e9fd40 (patch)
tree: 47210a6102e25db5d02dee2dc52f1aa5b6ea95e9
parent: Merge remote-tracking branch 'origin/release-v1.20.1' into bbz/info-mainline-... (diff)
parent: Don't check whether a 3pid is allowed to register during password reset (diff)
download: synapse-cc716784257388574f6a7c8c41d1c6cf04e9fd40.tar.xz
1 files changed, 0 insertions, 7 deletions
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
index cad3f9bbb7..a206b75541 100644
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@@ -91,13 +91,6 @@ class EmailPasswordRequestTokenRestServlet(RestServlet):
         send_attempt = body["send_attempt"]
         next_link = body.get("next_link")  # Optional param
 
-        if not await check_3pid_allowed(self.hs, "email", email):
-            raise SynapseError(
-                403,
-                "Your email domain is not authorized on this server",
-                Codes.THREEPID_DENIED,
-            )
-
         # The email will be sent to the stored address.
         # This avoids a potential account hijack by requesting a password reset to
         # an email address which is controlled by the attacker but which, after
author	Ben Banfield-Zanin <benbz@matrix.org>	2020-09-29 09:17:11 +0100
committer	Ben Banfield-Zanin <benbz@matrix.org>	2020-09-29 09:17:11 +0100
commit	cc716784257388574f6a7c8c41d1c6cf04e9fd40 (patch)
tree	47210a6102e25db5d02dee2dc52f1aa5b6ea95e9
parent	Merge remote-tracking branch 'origin/release-v1.20.1' into bbz/info-mainline-... (diff)
parent	Don't check whether a 3pid is allowed to register during password reset (diff)
download	synapse-cc716784257388574f6a7c8c41d1c6cf04e9fd40.tar.xz