diff options
| author | Daniel Wagner-Hall <daniel@matrix.org> | 2016-02-24 14:41:25 +0000 |
|---|---|---|
| committer | review.rocks <nobody@review.rocks> | 2016-02-24 14:41:25 +0000 |
| commit | 33300673b7a6f79802f691ac121e720cb44c0dfc (patch) | |
| tree | e093e52c405849706fc2b6d55cb74259eac2a64f /synapse/handlers | |
| parent | Ignore invalid POST bodies when joining rooms (diff) | |
| download | synapse-33300673b7a6f79802f691ac121e720cb44c0dfc.tar.xz | |
Generate guest access token on 3pid invites
This means that following the same link across multiple sessions or devices can re-use the same guest account. Note that this is somewhat of an abuse vector; we can't throw up captchas on this flow, so this is a way of registering ephemeral accounts for spam, whose sign-up we don't rate limit.
Diffstat (limited to 'synapse/handlers')
| -rw-r--r-- | synapse/handlers/register.py | 15 | ||||
| -rw-r--r-- | synapse/handlers/room.py | 8 |
2 files changed, 23 insertions, 0 deletions
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index f8959e5d82..6d155d57e7 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -349,3 +349,18 @@ class RegistrationHandler(BaseHandler): def auth_handler(self): return self.hs.get_handlers().auth_handler + + @defer.inlineCallbacks + def guest_access_token_for(self, medium, address, inviter_user_id): + access_token = yield self.store.get_3pid_guest_access_token(medium, address) + if access_token: + defer.returnValue(access_token) + + _, access_token = yield self.register( + generate_token=True, + make_guest=True + ) + access_token = yield self.store.save_or_get_3pid_guest_access_token( + medium, address, access_token, inviter_user_id + ) + defer.returnValue(access_token) diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index eb9700a35b..d2de23a6cc 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -848,6 +848,13 @@ class RoomMemberHandler(BaseHandler): user. """ + registration_handler = self.hs.get_handlers().registration_handler + guest_access_token = yield registration_handler.guest_access_token_for( + medium=medium, + address=address, + inviter_user_id=inviter_user_id, + ) + is_url = "%s%s/_matrix/identity/api/v1/store-invite" % ( id_server_scheme, id_server, ) @@ -864,6 +871,7 @@ class RoomMemberHandler(BaseHandler): "sender": inviter_user_id, "sender_display_name": inviter_display_name, "sender_avatar_url": inviter_avatar_url, + "guest_access_token": guest_access_token, } ) # TODO: Check for success |