summary refs log tree commit diff
path: root/synapse/rest/client
diff options
context:
space:
mode:
authorDavid Baker <dave@matrix.org>2015-07-15 19:28:03 +0100
committerDavid Baker <dave@matrix.org>2015-07-15 19:28:57 +0100
commit4da05fa0ae32425ce2755dcd479bb4c97f43b30e (patch)
tree9a93f7ca85e2e08a2e41d17faa47c2a04d824c7b /synapse/rest/client
parentbump up image quality a bit more as it looks crap (diff)
downloadsynapse-4da05fa0ae32425ce2755dcd479bb4c97f43b30e.tar.xz
Add back in support for remembering parameters submitted to a user-interactive auth call.
Diffstat (limited to '')
-rw-r--r--synapse/rest/client/v2_alpha/register.py11
1 files changed, 9 insertions, 2 deletions
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index 72dfb876c5..fa44572b7b 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -57,10 +57,17 @@ class RegisterRestServlet(RestServlet):
         yield run_on_reactor()
 
         body = parse_request_allow_empty(request)
-        if 'password' not in body:
-            raise SynapseError(400, "", Codes.MISSING_PARAM)
+        # we do basic sanity checks here because the auth layerwill store these in sessions
+        if 'password' in body:
+            print "%r" % (body['password'])
+            if (not isinstance(body['password'], str) and
+                    not isinstance(body['password'], unicode)) or len(body['password']) > 512:
+                raise SynapseError(400, "Invalid password")
 
         if 'username' in body:
+            if (not isinstance(body['username'], str) and
+                    not isinstance(body['username'], unicode)) or len(body['username']) > 512:
+                raise SynapseError(400, "Invalid username")
             desired_username = body['username']
             yield self.registration_handler.check_username(desired_username)