Add ability to perform password reset via email without trusting the identity server (#5377)

Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
author: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> 2019-06-06 17:34:07 +0100
committer: GitHub <noreply@github.com> 2019-06-06 17:34:07 +0100
commit: 3719680ee42b72b8480fa76a1455576897b65ef0 (patch)
tree: b7c49efd558e6e6ac6842b66c1ac3fef593ebfae /synapse/app
parent: Stop hardcoding trust of old matrix.org key (#5374) (diff)
download: synapse-3719680ee42b72b8480fa76a1455576897b65ef0.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py
index 1045d28949..df524a23dd 100755
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@@ -176,6 +176,7 @@ class SynapseHomeServer(HomeServer):
 
             resources.update({
                 "/_matrix/client/api/v1": client_resource,
+                "/_synapse/password_reset": client_resource,
                 "/_matrix/client/r0": client_resource,
                 "/_matrix/client/unstable": client_resource,
                 "/_matrix/client/v2_alpha": client_resource,
author	Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>	2019-06-06 17:34:07 +0100
committer	GitHub <noreply@github.com>	2019-06-06 17:34:07 +0100
commit	3719680ee42b72b8480fa76a1455576897b65ef0 (patch)
tree	b7c49efd558e6e6ac6842b66c1ac3fef593ebfae /synapse/app
parent	Stop hardcoding trust of old matrix.org key (#5374) (diff)
download	synapse-3719680ee42b72b8480fa76a1455576897b65ef0.tar.xz