summary refs log tree commit diff
path: root/synapse/rest/register.py
diff options
context:
space:
mode:
authorPaul "LeoNerd" Evans <paul@matrix.org>2014-09-23 14:29:08 +0100
committerPaul "LeoNerd" Evans <paul@matrix.org>2014-09-23 14:29:08 +0100
commit3a8a94448af334e57c5cfa3583b2c20739aeb613 (patch)
tree6592074fdbb208abeb78d1c291987f985ee1bd70 /synapse/rest/register.py
parentShow display name changes in the message list. (diff)
downloadsynapse-3a8a94448af334e57c5cfa3583b2c20739aeb613.tar.xz
Allow a (hidden undocumented) key to m.login.recaptcha to specify a shared secret to allow bots to bypass the ReCAPTCHA test (SYN-60)
Diffstat (limited to '')
-rw-r--r--synapse/rest/register.py23
1 files changed, 18 insertions, 5 deletions
diff --git a/synapse/rest/register.py b/synapse/rest/register.py
index af528a44f6..f1354e4b71 100644
--- a/synapse/rest/register.py
+++ b/synapse/rest/register.py
@@ -142,6 +142,24 @@ class RegisterRestServlet(RestServlet):
         if not self.hs.config.enable_registration_captcha:
             raise SynapseError(400, "Captcha not required.")
 
+        yield self._check_recaptcha(request, register_json)
+
+        session[LoginType.RECAPTCHA] = True  # mark captcha as done
+        self._save_session(session)
+        defer.returnValue({
+            "next": [LoginType.PASSWORD, LoginType.EMAIL_IDENTITY]
+        })
+
+    @defer.inlineCallbacks
+    def _check_recaptcha(self, request, register_json):
+        if "captcha_bypass_secret" in register_json:
+            if (register_json["captcha_bypass_secret"] ==
+                    self.hs.config.captcha_bypass_secret):
+                defer.returnValue(None)
+            else:
+                raise SynapseError(400, "Captcha bypass secret incorrect",
+                    errcode=Codes.CAPTCHA_NEEDED)
+
         challenge = None
         user_response = None
         try:
@@ -166,11 +184,6 @@ class RegisterRestServlet(RestServlet):
             challenge,
             user_response
         )
-        session[LoginType.RECAPTCHA] = True  # mark captcha as done
-        self._save_session(session)
-        defer.returnValue({
-            "next": [LoginType.PASSWORD, LoginType.EMAIL_IDENTITY]
-        })
 
     @defer.inlineCallbacks
     def _do_email_identity(self, request, register_json, session):