diff options
author | Richard van der Hoff <richard@matrix.org> | 2017-11-01 10:29:34 +0000 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2017-11-01 15:46:22 +0000 |
commit | dd13310fb8ca0cfce60e4fccdb93e90a16078609 (patch) | |
tree | f6b42e32e82bb54fd6027c2985dd09c96b7a2ac9 /synapse/rest/client/v2_alpha/account.py | |
parent | Merge pull request #2610 from matrix-org/rav/schema_for_pw_providers (diff) | |
download | synapse-dd13310fb8ca0cfce60e4fccdb93e90a16078609.tar.xz |
Move access token deletion into auth handler
Also move duplicated deactivation code into the auth handler. I want to add some hooks when we deactivate an access token, so let's bring it all in here so that there's somewhere to put it.
Diffstat (limited to '')
-rw-r--r-- | synapse/rest/client/v2_alpha/account.py | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py index 1a0d57a04a..3062e04c59 100644 --- a/synapse/rest/client/v2_alpha/account.py +++ b/synapse/rest/client/v2_alpha/account.py @@ -162,7 +162,6 @@ class DeactivateAccountRestServlet(RestServlet): def __init__(self, hs): self.hs = hs - self.store = hs.get_datastore() self.auth = hs.get_auth() self.auth_handler = hs.get_auth_handler() super(DeactivateAccountRestServlet, self).__init__() @@ -180,7 +179,9 @@ class DeactivateAccountRestServlet(RestServlet): # allow ASes to dectivate their own users if requester and requester.app_service: - yield self._deactivate_account(requester.user.to_string()) + yield self.auth_handler.deactivate_account( + requester.user.to_string() + ) defer.returnValue((200, {})) authed, result, params, _ = yield self.auth_handler.check_auth([ @@ -205,17 +206,9 @@ class DeactivateAccountRestServlet(RestServlet): logger.error("Auth succeeded but no known type!", result.keys()) raise SynapseError(500, "", Codes.UNKNOWN) - yield self._deactivate_account(user_id) + yield self.auth_handler.deactivate_account(user_id) defer.returnValue((200, {})) - @defer.inlineCallbacks - def _deactivate_account(self, user_id): - # FIXME: Theoretically there is a race here wherein user resets - # password using threepid. - yield self.store.user_delete_access_tokens(user_id) - yield self.store.user_delete_threepids(user_id) - yield self.store.user_set_password_hash(user_id, None) - class EmailThreepidRequestTokenRestServlet(RestServlet): PATTERNS = client_v2_patterns("/account/3pid/email/requestToken$") |