diff --git a/res/templates/password_reset.html b/res/templates/password_reset.html
deleted file mode 100644
index c58f61470c..0000000000
--- a/res/templates/password_reset.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<html>
-<body>
- <p>here's the link you forgetful person you!</p>
-
- <a href="{{ link }}">Reset your password</a>
-
- <p>now get on back to happy town!</p>
-</body>
-</html>
diff --git a/res/templates/password_reset.txt b/res/templates/password_reset.txt
deleted file mode 100644
index 0744747a7d..0000000000
--- a/res/templates/password_reset.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-here's the link you forgetful person you!
-
-{{ link }}
-
-now get on back to happy town!
diff --git a/synapse/config/emailconfig.py b/synapse/config/emailconfig.py
index df1384a7d6..299c24348e 100644
--- a/synapse/config/emailconfig.py
+++ b/synapse/config/emailconfig.py
@@ -64,7 +64,7 @@ class EmailConfig(Config):
# work for the same reason.)
if not template_dir:
template_dir = pkg_resources.resource_filename(
- 'synapse', '../res/templates'
+ 'synapse', 'res/templates'
)
self.email_template_dir = os.path.abspath(template_dir)
@@ -94,7 +94,7 @@ class EmailConfig(Config):
jinja2
bleach
- if not self.email_enable_password_reset_from_is:
+ if self.allow_password_resets and not self.email_enable_password_reset_from_is:
required = [
"smtp_host",
"smtp_port",
diff --git a/synapse/config/password.py b/synapse/config/password.py
index eea59e772b..1af75f00f8 100644
--- a/synapse/config/password.py
+++ b/synapse/config/password.py
@@ -21,6 +21,8 @@ class PasswordConfig(Config):
"""
def read_config(self, config):
+ self.allow_password_resets = config.get("allow_password_resets", False)
+
password_config = config.get("password_config", {})
if password_config is None:
password_config = {}
@@ -30,6 +32,18 @@ class PasswordConfig(Config):
def default_config(self, config_dir_path, server_name, **kwargs):
return """\
+ # Allow users to reset their password
+ #
+ # Resetting a user's password is done either by sending a token from
+ # Synapse, or asking an identity server to do so. In Synapse v1.0,
+ # sending a password reset token from an identity server was turned off
+ # by default for security reasons.
+ #
+ # If enable_password_reset_from_is is False, you must fill out the
+ # "email" section of the config before enabling password resets
+ #
+ #allow_password_resets: False
+
password_config:
# Uncomment to disable password login
#
diff --git a/tests/utils.py b/tests/utils.py
index be282c31b7..c8c400cf0d 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -131,12 +131,6 @@ def default_config(name, parse=False):
"password_providers": [],
"worker_replication_url": "",
"worker_app": None,
- "email": {
- "enable_notifs": False,
- "smtp_host": "somehost",
- "smtp_port": 25,
- "notif_from": "someone <someone@example.com>",
- },
"block_non_admin_invites": False,
"federation_domain_whitelist": None,
"filter_timeline_limit": 5000,
|
