summary refs log tree commit diff
diff options
context:
space:
mode:
authorAndrew Morgan <1342360+anoadragon453@users.noreply.github.com>2019-09-19 10:53:14 +0100
committerGitHub <noreply@github.com>2019-09-19 10:53:14 +0100
commit62e3ff92fd3228b5c34f6cee691e22f9b1f85c9e (patch)
tree81c52e3dabd3aabe40d1a0e2d7ad2090f5606008
parentFix typo in account_threepid_delegates config (#6028) (diff)
downloadsynapse-62e3ff92fd3228b5c34f6cee691e22f9b1f85c9e.tar.xz
Remove POST method from password reset submit_token endpoint (#6056)
Removes the POST method from `/password_reset/<medium>/submit_token/` as it's only used by phone number verification which Synapse does not support yet.
-rw-r--r--changelog.d/6056.bugfix1
-rw-r--r--synapse/rest/client/v2_alpha/account.py17
2 files changed, 1 insertions, 17 deletions
diff --git a/changelog.d/6056.bugfix b/changelog.d/6056.bugfix
new file mode 100644
index 0000000000..4d9573a58d
--- /dev/null
+++ b/changelog.d/6056.bugfix
@@ -0,0 +1 @@
+Remove POST method from password reset submit_token endpoint until we implement submit_url functionality.
\ No newline at end of file
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
index 2ea515d2f6..afaaeeacdd 100644
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@@ -272,23 +272,6 @@ class PasswordResetSubmitTokenServlet(RestServlet):
         request.write(html.encode("utf-8"))
         finish_request(request)
 
-    @defer.inlineCallbacks
-    def on_POST(self, request, medium):
-        if medium != "email":
-            raise SynapseError(
-                400, "This medium is currently not supported for password resets"
-            )
-
-        body = parse_json_object_from_request(request)
-        assert_params_in_dict(body, ["sid", "client_secret", "token"])
-
-        valid, _ = yield self.store.validate_threepid_session(
-            body["sid"], body["client_secret"], body["token"], self.clock.time_msec()
-        )
-        response_code = 200 if valid else 400
-
-        return response_code, {"success": valid}
-
 
 class PasswordRestServlet(RestServlet):
     PATTERNS = client_patterns("/account/password$")