diff options
| author | Mark Haines <mjark@negativecurvature.net> | 2015-01-28 17:19:28 +0000 |
|---|---|---|
| committer | Mark Haines <mjark@negativecurvature.net> | 2015-01-28 17:19:28 +0000 |
| commit | 26c8fff19ebfca3914305f820b29897db8ea4fca (patch) | |
| tree | c346408ce8f8ced5d1cb2e8dce4ea7fb934bb37e /synapse/api | |
| parent | Merge branch 'master' into develop (diff) | |
| parent | Rename ClientID to ClientInfo since it is a pair of IDs rather than a single ... (diff) | |
| download | synapse-26c8fff19ebfca3914305f820b29897db8ea4fca.tar.xz | |
Merge pull request #36 from matrix-org/device_id_from_access_token
Extract the device id and token id from the access token when autheniticating users
Diffstat (limited to 'synapse/api')
| -rw-r--r-- | synapse/api/auth.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index a342a0e0da..9c03024512 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -21,7 +21,7 @@ from synapse.api.constants import EventTypes, Membership, JoinRules from synapse.api.errors import AuthError, StoreError, Codes, SynapseError from synapse.util.logutils import log_function from synapse.util.async import run_on_reactor -from synapse.types import UserID +from synapse.types import UserID, ClientInfo import logging @@ -290,7 +290,9 @@ class Auth(object): Args: request - An HTTP request with an access_token query parameter. Returns: - UserID : User ID object of the user making the request + tuple : of UserID and device string: + User ID object of the user making the request + Client ID object of the client instance the user is using Raises: AuthError if no user by that token exists or the token is invalid. """ @@ -299,6 +301,8 @@ class Auth(object): access_token = request.args["access_token"][0] user_info = yield self.get_user_by_token(access_token) user = user_info["user"] + device_id = user_info["device_id"] + token_id = user_info["token_id"] ip_addr = self.hs.get_ip_from_request(request) user_agent = request.requestHeaders.getRawHeaders( @@ -314,7 +318,7 @@ class Auth(object): user_agent=user_agent ) - defer.returnValue(user) + defer.returnValue((user, ClientInfo(device_id, token_id))) except KeyError: raise AuthError(403, "Missing access token.") @@ -339,6 +343,7 @@ class Auth(object): "admin": bool(ret.get("admin", False)), "device_id": ret.get("device_id"), "user": UserID.from_string(ret.get("name")), + "token_id": ret.get("token_id", None), } defer.returnValue(user_info) |