summary refs log tree commit diff
path: root/synapse/handlers/register.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'develop' of into allow_auto_join_roomsKrombel2018-03-281-4/+10
|\
| * Also do check inside linearizerErik Johnston2018-03-271-3/+4
| |
| * PEP8Erik Johnston2018-03-261-1/+3
| |
| * Linearize calls to _generate_user_idErik Johnston2018-03-261-4/+7
| |
* | move handling of auto_join_rooms to RegisterHandlerKrombel2018-03-141-2/+34
|/ | | | | | | | | | | | | Currently the handling of auto_join_rooms only works when a user registers itself via public register api. Registrations via registration_shared_secret and ModuleApi do not work This auto_joins the users in the registration handler which enables the auto join feature for all 3 registration paths. This is related to issue #2725 Signed-Off-by: Matthias Kesler <krombel@krombel.de>
* Refactor get_or_register_3pid_guestErik Johnston2018-03-131-4/+22
|
* rewrite based on PR feedback:Matthew Hodgson2018-01-191-10/+5
| | | | | | | | | * [ ] split config options into allowed_local_3pids and registrations_require_3pid * [ ] simplify and comment logic for picking registration flows * [ ] fix docstring and move check_3pid_allowed into a new util module * [ ] use check_3pid_allowed everywhere @erikjohnston PTAL
* fix up v1, and improve errorsMatthew Hodgson2018-01-191-1/+12
|
* Merge pull request #2773 from matrix-org/erikj/hash_bgErik Johnston2018-01-101-1/+1
|\ | | | | Do bcrypt hashing in a background thread
| * Do bcrypt hashing in a background threadErik Johnston2018-01-101-1/+1
| |
* | switch to a simpler 'search_all_users' button as per review feedbackMatthew Hodgson2017-12-041-1/+1
| |
* | kick the user_directory index when new users registerMatthew Hodgson2017-11-291-0/+8
|/
* Revert "Allow upper-case characters in mxids"Richard van der Hoff2017-11-091-3/+3
| | | | This reverts commit b70b64690330c25cbd04c1b2cacf8276b566efc8.
* Allow upper-case characters in mxidsRichard van der Hoff2017-11-091-3/+3
| | | | Because we're never going to be able to fix this :'(
* Move access token deletion into auth handlerRichard van der Hoff2017-11-011-1/+2
| | | | | | | Also move duplicated deactivation code into the auth handler. I want to add some hooks when we deactivate an access token, so let's bring it all in here so that there's somewhere to put it.
* replace 'except:' with 'except Exception:'Richard van der Hoff2017-10-231-1/+1
| | | | what could possibly go wrong
* Allow = in mxids and groupidsRichard van der Hoff2017-10-201-3/+2
| | | | ... because the spec says we should.
* Disallow capital letters in useridsRichard van der Hoff2017-10-201-6/+4
| | | | | Factor out a common function for checking user ids and group ids, which forbids capitals.
* Split out profile handler to fix testsErik Johnston2017-08-251-2/+2
|
* Modify condition on empty localpartLuke Barnard2017-05-101-1/+1
|
* Modify register/available to be GET with query paramLuke Barnard2017-05-101-0/+7
| | | | | | | - GET is now the method for register/available - a query parameter "username" is now used Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
* Fix email push in pusher workerErik Johnston2017-02-021-4/+6
| | | | | | This was broken when device list updates were implemented, as Mailer could no longer instantiate an AuthHandler due to a dependency on federation sending.
* Prevent user tokens being used as guest tokens (#1675)Richard van der Hoff2016-12-061-1/+1
| | | | | Make sure that a user cannot pretend to be a guest by adding 'guest = True' caveats.
* Stop putting a time caveat on access tokensRichard van der Hoff2016-11-291-3/+2
| | | | | | | | The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats.
* rest/client/v1/register: use the correct requester in createUserPatrik Oldsberg2016-10-061-4/+2
| | | | Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
* storage/appservice: make appservice methods only relying on the cache ↵Patrik Oldsberg2016-10-061-3/+2
| | | | synchronous
* Forbid non-ASes from registering users whose names begin with '_' (SYN-738)Paul "LeoNerd" Evans2016-07-271-0/+7
|
* Add `create_requester` functionRichard van der Hoff2016-07-261-7/+9
| | | | | Wrap the `Requester` constructor with a function which provides sensible defaults, and use it throughout
* Further registration refactoringRichard van der Hoff2016-07-191-5/+8
| | | | | | | | | | | | | | * `RegistrationHandler.appservice_register` no longer issues an access token: instead it is left for the caller to do it. (There are two of these, one in `synapse/rest/client/v1/register.py`, which now simply calls `AuthHandler.issue_access_token`, and the other in `synapse/rest/client/v2_alpha/register.py`, which is covered below). * In `synapse/rest/client/v2_alpha/register.py`, move the generation of access_tokens into `_create_registration_details`. This means that the normal flow no longer needs to call `AuthHandler.issue_access_token`; the shared-secret flow can tell `RegistrationHandler.register` not to generate a token; and the appservice flow continues to work despite the above change.
* Bug fix: expire invalid access tokensNegar Fazeli2016-07-131-3/+3
|
* Add an admin option to shared secret registrationErik Johnston2016-07-051-1/+3
|
* Fix style violationsKent Shikama2016-07-041-1/+2
| | | | Signed-off-by: Kent Shikama <kent@kentshikama.com>
* Optionally include password hash in createUser endpointKent Shikama2016-07-031-2/+2
| | | | Signed-off-by: Kent Shikama <kent@kentshikama.com>
* Add a comment on why we don't create a profile for upgrading usersMark Haines2016-06-171-0/+1
|
* Remove registered_users from the distributor.Mark Haines2016-06-171-13/+10
| | | | | | | | | | The only place that was observed was to set the profile. I've made it so that the profile is set within store.register in the same transaction that creates the user. This required some slight changes to the registration code for upgrading guest users, since it previously relied on the distributor swallowing errors if the profile already existed.
* Fix a bug caused by a change in auth_handler functionNegar Fazeli2016-06-081-2/+2
| | | | Fix the relevant unit test cases
* Split out the auth handlerDavid Baker2016-06-021-1/+1
|
* Fix set profile error with Requester.Negi Fazeli2016-05-231-4/+5
| | | | | Replace flush_user with delete access token due to function removal Add a new test case for if the user is already registered
* Create user with expiryNegi Fazeli2016-05-131-0/+53
| | | | | | - Add unittests for client, api and handler Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
* Move all the wrapper functions for distributor.fireMark Haines2016-04-081-4/+1
| | | | | | | Move the functions inside the distributor and import them where needed. This reduces duplication and makes it possible for flake8 to detect when the functions aren't used in a given file.
* Make registration idempotent, part 2: be idempotent if the client specifies ↵David Baker2016-03-161-1/+11
| | | | a username.
* Store appservice ID on registerDaniel Wagner-Hall2016-03-101-1/+4
|
* Use syntax that works on both py2.7 and py3Mark Haines2016-03-071-1/+1
|
* handlers/register: make sure another user id is generated when a collision ↵Patrik Oldsberg2016-02-291-0/+1
| | | | | | occurs Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
* Generate guest access token on 3pid invitesDaniel Wagner-Hall2016-02-241-0/+15
| | | | | | | | | This means that following the same link across multiple sessions or devices can re-use the same guest account. Note that this is somewhat of an abuse vector; we can't throw up captchas on this flow, so this is a way of registering ephemeral accounts for spam, whose sign-up we don't rate limit.
* Enforce user_id exclusivity for AS registrationsDaniel Wagner-Hall2016-02-111-5/+12
| | | | | This whole set of checks is kind of an ugly mess, which I may clean up at some point, but for now let's be correct.
* Fix up logcontextsErik Johnston2016-02-081-1/+1
|
* Allocate guest user IDs numericcallyDaniel Wagner-Hall2016-02-051-19/+36
| | | | | | | | | The current random IDs are ugly and confusing when presented in UIs. This makes them prettier and easier to read. Also, disable non-automated registration of numeric IDs so that we don't need to worry so much about people carving out our automated address space and us needing to keep retrying ID registration.
* Fix flake8 warnings for new flake8Daniel Wagner-Hall2016-02-021-1/+1
|
* Pass make_guest whne we autogen a user IDDavid Baker2016-02-021-1/+3
|
* Underscores are allowed in user idsErik Johnston2016-01-221-1/+1
|
* Don't explode when given a unicode username in /register/Erik Johnston2016-01-201-3/+2
|
* M_INVALID_USERNAME to be consistent with the parameter nameDavid Baker2016-01-151-1/+1
|
* Add specific error code for invalid user names.David Baker2016-01-141-1/+2
|
* comma styleDavid Baker2016-01-061-1/+1
|
* Add is_guest flag to users db to track whether a user is a guest user or ↵David Baker2016-01-061-1/+3
| | | | not. Use this so we can run _filter_events_for_client when calculating event_push_actions.
* Allow guests to upgrade their accountsDaniel Wagner-Hall2016-01-051-10/+27
|
* Merge pull request #450 from matrix-org/matthew/no-identiconsMatthew Hodgson2015-12-181-19/+3
|\ | | | | Matthew/no identicons
| * fix indentation levelMatthew Hodgson2015-12-171-3/+3
| |
| * stop generating default identicons. reverts most of ↵Matthew Hodgson2015-12-171-19/+3
| | | | | | | | 582019f870adbc4a8a8a9ef97b527e0fead77761 and solves vector-web/vector-im#346
* | Fix typo that broke registration on the mobile clientsDavid Baker2015-12-181-1/+1
|/
* Reuse the captcha client rather than creating a new one for each requestMark Haines2015-12-031-4/+2
|
* Wrap calls to distributor.fire in appropriately named functions so that ↵Mark Haines2015-12-011-4/+8
| | | | static analysis can work out want is calling what
* Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-041-5/+7
| | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices.
* Remove unused importDaniel Wagner-Hall2015-08-261-1/+0
|
* Swap out bcrypt for md5 in testsDaniel Wagner-Hall2015-08-261-1/+1
| | | | This reduces our ~8 second sequential test time down to ~7 seconds
* Merge erikj/user_dedup to developDaniel Wagner-Hall2015-08-261-2/+2
|
* Move token generation to auth handlerDaniel Wagner-Hall2015-08-201-19/+7
| | | | | I prefer the auth handler to worry about all auth, and register to call into it as needed, than to smatter auth logic between the two.
* Re-add whitespace around caveat operatorsDaniel Wagner-Hall2015-08-191-4/+4
|
* Remove padding space around caveat operatorsDaniel Wagner-Hall2015-08-181-4/+4
|
* Fix some formatting to use tuplesDaniel Wagner-Hall2015-08-181-4/+4
|
* Issue macaroons as opaque auth tokensDaniel Wagner-Hall2015-08-181-6/+13
| | | | | | | | | | | | | This just replaces random bytes with macaroons. The macaroons are not inspected by the client or server. In particular, they claim to have an expiry time, but nothing verifies that they have not expired. Follow-up commits will actually enforce the expiration, and allow for token refresh. See https://bit.ly/matrix-auth for more information
* Simplify LoginHander and AuthHandlerDaniel Wagner-Hall2015-08-121-5/+5
| | | | | | | | | * Merge LoginHandler -> AuthHandler * Add a bunch of documentation * Improve some naming * Remove unused branches I will start merging the actual logic of the two handlers shortly
* Fix v2_alpha registration. Add unit tests.Kegan Dougal2015-07-281-1/+2
| | | | | | | | V2 Registration forced everyone (including ASes) to create a password for a user, when ASes should be able to omit passwords. Also unbreak AS registration in general which checked too early if the given username was claimed by an AS; it was checked before knowing if the AS was the one doing the registration! Add unit tests for AS reg, user reg and disabled_registration flag.
* code beautifyMuthu Subramanian2015-07-081-1/+0
|
* Integrate SAML2 basic authentication - uses pysaml2Muthu Subramanian2015-07-081-0/+30
|
* revert accidental bcrypt gensalt round reduction from loadtestingMark Haines2015-05-071-1/+1
|
* pynacl-0.3.0 was released so we can finally start using it directly from pypiMark Haines2015-05-071-1/+1
|
* pep8David Baker2015-04-171-4/+1
|
* Need to yield the username check, otherwise very very weird things happen.David Baker2015-04-171-1/+1
|
* Oops, left debugging in.David Baker2015-04-161-6/+0
|
* Return user ID in use error straight awayDavid Baker2015-04-161-63/+39
|
* Regstration with email in v2David Baker2015-04-151-1/+5
|
* New registration for C/S API v2. Only ReCAPTCHA working currently.David Baker2015-03-301-1/+10
|
* Factor out user id validation checksErik Johnston2015-03-181-0/+8
|
* Implement exclusive namespace checks.Kegan Dougal2015-02-271-5/+6
|
* Merge branch 'develop' into application-servicesKegan Dougal2015-02-111-5/+8
|\
| * Code-style fixesMark Haines2015-02-101-5/+8
| |
* | Merge branch 'develop' into application-servicesKegan Dougal2015-02-091-0/+17
|\|
| * don't give up if we can't create default avatars during testsMatthew Hodgson2015-02-071-9/+12
| |
| * ...and here's the actual impl. git fail.Matthew Hodgson2015-02-071-0/+14
| |
* | Add errcodes for appservice registrations.Kegan Dougal2015-02-061-4/+7
| |
* | Add m.login.application_service registration procedure.Kegan Dougal2015-02-051-0/+20
| | | | | | | | | | This allows known application services to register any user ID under their own user namespace(s).
* | Prevent user IDs in AS namespaces being created/deleted by humans.Kegan Dougal2015-02-051-0/+16
| |
* | Modify API for SimpleHttpClient.get_json and update usages.Kegan Dougal2015-02-041-23/+33
|/ | | | | | | | | | Previously, this would only return the HTTP body as JSON, and discard other response information (e.g. the HTTP response code). This has now been changed to throw a CodeMessageException on a non-2xx response, with the response code and body, which can then be parsed as JSON. Affected modules include: - Registration/Login (when using an email for IS auth)
* Add matrix.org as a trusted ID server because it's now passed through on ↵David Baker2015-01-281-1/+1
| | | | ports 80/443 and the web client defaults to that now. Fixes email validation (including signing up with an email address).
* Update copyright noticesMark Haines2015-01-061-1/+1
|
* Fix registrationErik Johnston2014-12-081-2/+4
|
* Fix pep8 and pyflakes warningsMark Haines2014-11-201-2/+7
|
* Merge branch 'develop' into http_client_refactorDavid Baker2014-11-201-1/+1
|\
| * Add a few missing yields, Move deferred lists inside PreserveLoggingContext ↵Mark Haines2014-11-201-1/+1
| | | | | | | | because they don't interact well with the logging contexts
* | Separate out the matrix http client completely because just about all of its ↵David Baker2014-11-201-7/+9
| | | | | | | | code it now separate from the simple case we need for standard HTTP(S)
* | Oops, I removed this param.David Baker2014-11-201-2/+0
| |
* | Refactor the HTTP clients a little.David Baker2014-11-201-3/+3
|/
* Use python logger, not the twisted loggerErik Johnston2014-11-031-2/+1
|
* Fix pep8 warningsMark Haines2014-10-301-6/+9
|
* Add get_json method to 3pid http client. Better logging for errors in 3pid ↵Mark Haines2014-10-201-1/+2
| | | | requests
* Fix pyflakes errorsMark Haines2014-10-021-1/+1
|
* Split PlainHttpClient into separate clients for talking to Identity servers ↵Mark Haines2014-10-021-3/+8
| | | | and talking to Capatcha servers
* Split out password/captcha/email logic.Kegan Dougal2014-09-151-56/+64
|
* Reload captchas when they fail. Cleanup on success.Kegan Dougal2014-09-051-2/+2
|
* 80 chars pleaseKegan Dougal2014-09-051-9/+19
|
* Add config opion for XFF headers when performing ReCaptcha auth.Kegan Dougal2014-09-051-0/+1
|
* Captchas now work on registration. Missing x-forwarded-for config arg ↵Kegan Dougal2014-09-051-2/+47
| | | | support. Missing reloading a new captcha on the web client / displaying a sensible error message.
* Merge branch 'develop' of github.com:matrix-org/synapse into developDavid Baker2014-09-031-1/+1
|\ | | | | | | | | Conflicts: synapse/http/client.py
| * fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵Matthew Hodgson2014-09-031-1/+1
| | | | | | | | hasn't been incorporated in time for launch.
* | Add support for registering with a threepid to the HS (get credentials from ↵David Baker2014-09-031-3/+59
|/ | | | the client and check them against an ID server).
* add in whitespace after copyright statements to improve legibilityMatthew Hodgson2014-08-131-0/+1
|
* Reference Matrix Home Servermatrix.org2014-08-121-0/+100