diff options
| author | Paul "LeoNerd" Evans <paul@matrix.org> | 2015-11-03 16:08:48 +0000 |
|---|---|---|
| committer | Paul "LeoNerd" Evans <paul@matrix.org> | 2015-11-03 16:08:48 +0000 |
| commit | 8a0407c7e6b43a9e36dfaed228442cc8fb1361bd (patch) | |
| tree | 82e7a8610cb4f15094b23d6e3e0467f512390d04 /synapse/rest/client/v1/login.py | |
| parent | Surely we don't need to preserve 'events_default' twice (diff) | |
| parent | Merge pull request #338 from matrix-org/daniel/fixdb (diff) | |
| download | synapse-8a0407c7e6b43a9e36dfaed228442cc8fb1361bd.tar.xz | |
Merge branch 'develop' into paul/tiny-fixes
Diffstat (limited to 'synapse/rest/client/v1/login.py')
| -rw-r--r-- | synapse/rest/client/v1/login.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py index dacc416055..4ea06c1434 100644 --- a/synapse/rest/client/v1/login.py +++ b/synapse/rest/client/v1/login.py @@ -43,6 +43,7 @@ class LoginRestServlet(ClientV1RestServlet): def __init__(self, hs): super(LoginRestServlet, self).__init__(hs) self.idp_redirect_url = hs.config.saml2_idp_redirect_url + self.password_enabled = hs.config.password_enabled self.saml2_enabled = hs.config.saml2_enabled self.cas_enabled = hs.config.cas_enabled self.cas_server_url = hs.config.cas_server_url @@ -50,11 +51,13 @@ class LoginRestServlet(ClientV1RestServlet): self.servername = hs.config.server_name def on_GET(self, request): - flows = [{"type": LoginRestServlet.PASS_TYPE}] + flows = [] if self.saml2_enabled: flows.append({"type": LoginRestServlet.SAML2_TYPE}) if self.cas_enabled: flows.append({"type": LoginRestServlet.CAS_TYPE}) + if self.password_enabled: + flows.append({"type": LoginRestServlet.PASS_TYPE}) return (200, {"flows": flows}) def on_OPTIONS(self, request): @@ -65,6 +68,9 @@ class LoginRestServlet(ClientV1RestServlet): login_submission = _parse_json(request) try: if login_submission["type"] == LoginRestServlet.PASS_TYPE: + if not self.password_enabled: + raise SynapseError(400, "Password login has been disabled.") + result = yield self.do_password_login(login_submission) defer.returnValue(result) elif self.saml2_enabled and (login_submission["type"] == @@ -101,6 +107,8 @@ class LoginRestServlet(ClientV1RestServlet): user_id = yield self.hs.get_datastore().get_user_id_by_threepid( login_submission['medium'], login_submission['address'] ) + if not user_id: + raise LoginError(403, "", errcode=Codes.FORBIDDEN) else: user_id = login_submission['user'] |