diff options
| author | David Baker <dbkr@users.noreply.github.com> | 2016-10-19 13:29:44 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-10-19 13:29:44 +0100 |
| commit | 7d2cf7e96061434b4638c0ba64228dd78ef5b9ca (patch) | |
| tree | bb5abd9faff8102ba7299fd10851b5b664af9321 | |
| parent | Merge pull request #1174 from matrix-org/erikj/email_push_noop (diff) | |
| parent | Latest delta is now 37 (diff) | |
| download | synapse-7d2cf7e96061434b4638c0ba64228dd78ef5b9ca.tar.xz | |
Merge pull request #1170 from matrix-org/dbkr/password_reset_case_insensitive
Make password reset email field case insensitive
| -rw-r--r-- | synapse/handlers/auth.py | 12 | ||||
| -rw-r--r-- | synapse/storage/schema/delta/37/user_threepids.sql | 23 |
2 files changed, 35 insertions, 0 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index dc0fe60e1b..3635521230 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -611,6 +611,18 @@ class AuthHandler(BaseHandler): @defer.inlineCallbacks def add_threepid(self, user_id, medium, address, validated_at): + # 'Canonicalise' email addresses down to lower case. + # We've now moving towards the Home Server being the entity that + # is responsible for validating threepids used for resetting passwords + # on accounts, so in future Synapse will gain knowledge of specific + # types (mediums) of threepid. For now, we still use the existing + # infrastructure, but this is the start of synapse gaining knowledge + # of specific types of threepid (and fixes the fact that checking + # for the presenc eof an email address during password reset was + # case sensitive). + if medium == 'email': + address = address.lower() + yield self.store.user_add_threepid( user_id, medium, address, validated_at, self.hs.get_clock().time_msec() diff --git a/synapse/storage/schema/delta/37/user_threepids.sql b/synapse/storage/schema/delta/37/user_threepids.sql new file mode 100644 index 0000000000..ef8813e72a --- /dev/null +++ b/synapse/storage/schema/delta/37/user_threepids.sql @@ -0,0 +1,23 @@ +/* Copyright 2016 OpenMarket Ltd + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * Update any email addresses that were stored with mixed case into all + * lowercase + */ +UPDATE user_threepids SET address = LOWER(address) where medium = 'email'; + +/* Add an index for the select we do on passwored reset */ +CREATE INDEX user_threepids_medium_address on user_threepids (medium, address); |