diff options
author | Shay <hillerys@element.io> | 2022-03-25 10:11:01 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-25 10:11:01 -0700 |
commit | 3c41d87b67d3a62edfc660b4fe8f2545f5dbee4f (patch) | |
tree | b11ef0e94c7bbe343f976836a92ca9905c4f6016 /synapse/config | |
parent | Add cache for `get_membership_from_event_ids` (#12272) (diff) | |
download | synapse-3c41d87b67d3a62edfc660b4fe8f2545f5dbee4f.tar.xz |
Add restrictions by default to open registration in Synapse (#12091)
Diffstat (limited to 'synapse/config')
-rw-r--r-- | synapse/config/registration.py | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/synapse/config/registration.py b/synapse/config/registration.py index ea9b50fe97..40fb329a7f 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -33,6 +33,10 @@ class RegistrationConfig(Config): str(config["disable_registration"]) ) + self.enable_registration_without_verification = strtobool( + str(config.get("enable_registration_without_verification", False)) + ) + self.registrations_require_3pid = config.get("registrations_require_3pid", []) self.allowed_local_3pids = config.get("allowed_local_3pids", []) self.enable_3pid_lookup = config.get("enable_3pid_lookup", True) @@ -207,10 +211,18 @@ class RegistrationConfig(Config): # Registration can be rate-limited using the parameters in the "Ratelimiting" # section of this file. - # Enable registration for new users. + # Enable registration for new users. Defaults to 'false'. It is highly recommended that if you enable registration, + # you use either captcha, email, or token-based verification to verify that new users are not bots. In order to enable registration + # without any verification, you must also set `enable_registration_without_verification`, found below. # #enable_registration: false + # Enable registration without email or captcha verification. Note: this option is *not* recommended, + # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect + # unless `enable_registration` is also enabled. + # + #enable_registration_without_verification: true + # Time that a user's session remains valid for, after they log in. # # Note that this is not currently compatible with guest logins. |