diff options
| author | Andrew Morgan <andrew@amorgan.xyz> | 2020-03-24 14:42:12 +0000 |
|---|---|---|
| committer | Andrew Morgan <andrew@amorgan.xyz> | 2020-03-24 14:42:12 +0000 |
| commit | 6ed566e52a2252e91ad23c9bbd52655fe96d9727 (patch) | |
| tree | 477d298f981a7a20a53a21cbc6c80f6886c6c85d /synapse/handlers | |
| parent | Update INSTALL.md updated CentOS8 install instructions (#6925) (diff) | |
| parent | Add an option to the set password API to choose whether to logout other devic... (diff) | |
| download | synapse-6ed566e52a2252e91ad23c9bbd52655fe96d9727.tar.xz | |
Add an option to the set password API to choose whether to logout other devices. (#7085)
* commit '88b41986d': Add an option to the set password API to choose whether to logout other devices. (#7085)
Diffstat (limited to 'synapse/handlers')
| -rw-r--r-- | synapse/handlers/set_password.py | 41 |
1 files changed, 25 insertions, 16 deletions
diff --git a/synapse/handlers/set_password.py b/synapse/handlers/set_password.py index 3f50d6de47..1c826b9407 100644 --- a/synapse/handlers/set_password.py +++ b/synapse/handlers/set_password.py @@ -14,10 +14,12 @@ # See the License for the specific language governing permissions and # limitations under the License. import logging +from typing import Optional from twisted.internet import defer from synapse.api.errors import Codes, StoreError, SynapseError +from synapse.types import Requester from ._base import BaseHandler @@ -34,16 +36,19 @@ class SetPasswordHandler(BaseHandler): self._password_policy_handler = hs.get_password_policy_handler() @defer.inlineCallbacks - def set_password(self, user_id, newpassword, requester=None): + def set_password( + self, + user_id: str, + new_password: str, + logout_devices: bool, + requester: Optional[Requester] = None, + ): if not self.hs.config.password_localdb_enabled: raise SynapseError(403, "Password change disabled", errcode=Codes.FORBIDDEN) - self._password_policy_handler.validate_password(newpassword) + self._password_policy_handler.validate_password(new_password) - password_hash = yield self._auth_handler.hash(newpassword) - - except_device_id = requester.device_id if requester else None - except_access_token_id = requester.access_token_id if requester else None + password_hash = yield self._auth_handler.hash(new_password) try: yield self.store.user_set_password_hash(user_id, password_hash) @@ -52,14 +57,18 @@ class SetPasswordHandler(BaseHandler): raise SynapseError(404, "Unknown user", Codes.NOT_FOUND) raise e - # we want to log out all of the user's other sessions. First delete - # all his other devices. - yield self._device_handler.delete_all_devices_for_user( - user_id, except_device_id=except_device_id - ) + # Optionally, log out all of the user's other sessions. + if logout_devices: + except_device_id = requester.device_id if requester else None + except_access_token_id = requester.access_token_id if requester else None + + # First delete all of their other devices. + yield self._device_handler.delete_all_devices_for_user( + user_id, except_device_id=except_device_id + ) - # and now delete any access tokens which weren't associated with - # devices (or were associated with this device). - yield self._auth_handler.delete_access_tokens_for_user( - user_id, except_token_id=except_access_token_id - ) + # and now delete any access tokens which weren't associated with + # devices (or were associated with this device). + yield self._auth_handler.delete_access_tokens_for_user( + user_id, except_token_id=except_access_token_id + ) |