diff options
author | Andrew Morgan <andrew@amorgan.xyz> | 2019-11-06 12:01:54 +0000 |
---|---|---|
committer | Andrew Morgan <andrew@amorgan.xyz> | 2019-11-06 12:01:54 +0000 |
commit | 4059d61e2608ac823ef04fe37f23fcac2387a37b (patch) | |
tree | 813a1ac5f2b4407545fe4a91ab03adc0f3817d17 | |
parent | Numeric ID checker now checks @0, don't ratelimit on checking (diff) | |
download | synapse-4059d61e2608ac823ef04fe37f23fcac2387a37b.tar.xz |
Don't forget to ratelimit calls outside of RegistrationHandler
-rw-r--r-- | synapse/handlers/register.py | 4 | ||||
-rw-r--r-- | synapse/replication/http/register.py | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 3c142a4395..8be82e3754 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -168,7 +168,7 @@ class RegistrationHandler(BaseHandler): Raises: RegistrationError if there was a problem registering. """ - yield self._check_registration_ratelimit(address) + yield self.check_registration_ratelimit(address) yield self.auth.check_auth_blocking(threepid=threepid) password_hash = None @@ -415,7 +415,7 @@ class RegistrationHandler(BaseHandler): ratelimit=False, ) - def _check_registration_ratelimit(self, address): + def check_registration_ratelimit(self, address): """A simple helper method to check whether the registration rate limit has been hit for a given IP address diff --git a/synapse/replication/http/register.py b/synapse/replication/http/register.py index 915cfb9430..6f4bba7aa4 100644 --- a/synapse/replication/http/register.py +++ b/synapse/replication/http/register.py @@ -75,6 +75,8 @@ class ReplicationRegisterServlet(ReplicationEndpoint): async def _handle_request(self, request, user_id): content = parse_json_object_from_request(request) + await self.registration_handler.check_registration_ratelimit(content["address"]) + await self.registration_handler.register_with_store( user_id=user_id, password_hash=content["password_hash"], |