diff options
| author | Andrew Morgan <andrew@amorgan.xyz> | 2019-05-24 15:38:51 +0100 |
|---|---|---|
| committer | Andrew Morgan <andrew@amorgan.xyz> | 2019-06-06 10:04:28 +0100 |
| commit | ec781af214b1ee67fc967ba2aa6f0b646d5053e0 (patch) | |
| tree | 12077c59e4f56eb6e1315727e6186a4cba5e979a /synapse/res | |
| parent | Fix appservice timestamp massaging (#5233) (diff) | |
| download | synapse-ec781af214b1ee67fc967ba2aa6f0b646d5053e0.tar.xz | |
Reimplementation of /submitToken on the homeserver side. Only used by password resets
This PR creates an endpoint GET/POST /_matrix/identity/api/v1/validate/email/submitToken which mirrors the same endpoint on the identity server used for submitting tokens used for validating 3PID addresses. When the token is submitted, it is checked along with the client_secret and session_id in the db and if it matches and isn't expired, we mark the session as validated. Then, when the user attempts to change their password, we check if the session is valid, and if so allow it. We also delete the session at this point, as as far as I can tell there's no further use for it.
Diffstat (limited to 'synapse/res')
| -rw-r--r-- | synapse/res/templates/password_reset.html | 10 | ||||
| -rw-r--r-- | synapse/res/templates/password_reset.txt | 5 | ||||
| -rw-r--r-- | synapse/res/templates/password_reset_failure.html | 6 | ||||
| -rw-r--r-- | synapse/res/templates/password_reset_success.html | 6 |
4 files changed, 27 insertions, 0 deletions
diff --git a/synapse/res/templates/password_reset.html b/synapse/res/templates/password_reset.html new file mode 100644 index 0000000000..68673df8ae --- /dev/null +++ b/synapse/res/templates/password_reset.html @@ -0,0 +1,10 @@ +<html> +<title>time to reset your password!!!</title> +<body> + <p>here's the link you forgetful person you!</p> + + <a href="{{ link }}">Reset your password</a> + + <p>now get on back to happy town!</p> +</body> +</html> diff --git a/synapse/res/templates/password_reset.txt b/synapse/res/templates/password_reset.txt new file mode 100644 index 0000000000..0744747a7d --- /dev/null +++ b/synapse/res/templates/password_reset.txt @@ -0,0 +1,5 @@ +here's the link you forgetful person you! + +{{ link }} + +now get on back to happy town! diff --git a/synapse/res/templates/password_reset_failure.html b/synapse/res/templates/password_reset_failure.html new file mode 100644 index 0000000000..0b132cf8db --- /dev/null +++ b/synapse/res/templates/password_reset_failure.html @@ -0,0 +1,6 @@ +<html> +<head></head> +<body> +<p>{{ failure_reason }}. Your password has not been reset.</p> +</body> +</html> diff --git a/synapse/res/templates/password_reset_success.html b/synapse/res/templates/password_reset_success.html new file mode 100644 index 0000000000..7b6fa5e6f0 --- /dev/null +++ b/synapse/res/templates/password_reset_success.html @@ -0,0 +1,6 @@ +<html> +<head></head> +<body> +<p>Your password was successfully reset. You may now close this window.</p> +</body> +</html> |