summary refs log tree commit diff
path: root/synapse/rest/client/v2_alpha/register.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* move guard out of is_threepid_reserved and into register.pyNeil Johnson2019-01-221-4/+5
|
* Fix None guard in config.server.is_threepid_reservedNeil Johnson2019-01-221-1/+3
|
* Config option to disable requesting MSISDN on registrationNeil Johnson2019-01-211-11/+5
|
* Neilj/fix autojoin (#4223)Neil Johnson2018-11-281-0/+1
| | | | | | * Fix auto join failures for servers that require user consent * Fix auto join failures for servers that require user consent
* Add config variables for enabling terms auth and the policy name (#4142)Travis Ralston2018-11-061-1/+1
| | | | So people can still collect consent the old way if they want to.
* pep8Travis Ralston2018-10-151-10/+2
|
* Auto-consent to the privacy policy if the user registered with termsTravis Ralston2018-10-031-0/+6
|
* Make the terms flow requriedTravis Ralston2018-10-031-4/+4
|
* Incorporate Dave's work for GDPR login flowsTravis Ralston2018-10-031-0/+15
| | | As per https://github.com/vector-im/riot-web/issues/7168#issuecomment-419996117
* improve human readable error messageNeil Johnson2018-09-041-1/+2
|
* improve human readable error messagesNeil Johnson2018-09-041-3/+8
|
* move threepid checker to config, add missing yieldsNeil Johnson2018-08-311-2/+3
|
* ensure post registration auth checks do not fail erroneouslyNeil Johnson2018-08-311-0/+4
|
* fix bug where preserved threepid user comes to sign up and server is mau blockedNeil Johnson2018-08-311-0/+5
|
* Python 3: Convert some unicode/bytes uses (#3569)Amber Brown2018-08-021-6/+6
|
* Refactor REST API tests to use explicit reactors (#3351)Amber Brown2018-07-171-1/+1
|
* Merge pull request #3534 from krombel/use_parse_and_asserts_from_servletAmber Brown2018-07-141-11/+12
|\ | | | | Use parse and asserts from http.servlet
| * rename assert_params_in_request to assert_params_in_dictKrombel2018-07-131-5/+5
| | | | | | | | | | | | the method "assert_params_in_request" does handle dicts and not requests. A request body has to be parsed to json before this method can be used
| * Use parse_{int,str} and assert from http.servletKrombel2018-07-131-8/+9
| | | | | | | | | | | | | | parse_integer and parse_string can take a request and raise errors in case we have wrong or missing params. This PR tries to use them more to deduplicate some code and make it better readable
* | Make auth & transactions more testable (#3499)Amber Brown2018-07-141-3/+2
|/
* run isortAmber Brown2018-07-091-10/+12
|
* Remove run_on_reactor (#3395)Amber Brown2018-06-141-3/+0
|
* Construct HMAC as bytes on py3Adrian Tschira2018-04-291-4/+6
| | | | Signed-off-by: Adrian Tschira <nota@notafile.com>
* move handling of auto_join_rooms to RegisterHandlerKrombel2018-03-141-32/+0
| | | | | | | | | | | | | Currently the handling of auto_join_rooms only works when a user registers itself via public register api. Registrations via registration_shared_secret and ModuleApi do not work This auto_joins the users in the registration handler which enables the auto join feature for all 3 registration paths. This is related to issue #2725 Signed-Off-by: Matthias Kesler <krombel@krombel.de>
* Move RoomMemberHandler out of HandlersErik Johnston2018-03-011-1/+1
|
* fix thinko on 3pid whitelistingMatthew Hodgson2018-01-241-2/+2
|
* fix typo (thanks sytest)Matthew Hodgson2018-01-191-1/+1
|
* oops, check all login typesMatthew Hodgson2018-01-191-14/+11
|
* trailing commasMatthew Hodgson2018-01-191-3/+3
|
* rewrite based on PR feedback:Matthew Hodgson2018-01-191-41/+34
| | | | | | | | | * [ ] split config options into allowed_local_3pids and registrations_require_3pid * [ ] simplify and comment logic for picking registration flows * [ ] fix docstring and move check_3pid_allowed into a new util module * [ ] use check_3pid_allowed everywhere @erikjohnston PTAL
* fix up v1, and improve errorsMatthew Hodgson2018-01-191-4/+12
|
* add registrations_require_3pidMatthew Hodgson2018-01-191-12/+61
| | | | | lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with. Typically useful for stopping people from registering with non-work emails
* Refactor UI auth implementationRichard van der Hoff2017-12-051-6/+3
| | | | | Instead of returning False when auth is incomplete, throw an exception which can be caught with a wrapper.
* Add some more comments appservice user registrationRichard van der Hoff2017-11-101-1/+4
| | | | Explain why we don't validate userids registered via app services
* Downcase userids for shared-secret registrationRichard van der Hoff2017-11-101-2/+20
|
* Downcase userid on registrationRichard van der Hoff2017-11-091-1/+7
| | | | | | Force username to lowercase before attempting to register https://github.com/matrix-org/synapse/issues/2660
* support inhibit_login in /registerRichard van der Hoff2017-11-021-12/+16
| | | | Allow things to pass inhibit_login when registering to ... inhibit logins.
* Break dependency of auth_handler on device_handlerRichard van der Hoff2017-11-011-1/+0
| | | | | | | | | I'm going to need to make the device_handler depend on the auth_handler, so I need to break this dependency to avoid a cycle. It turns out that the auth_handler was only using the device_handler in one place which was an edge case which we can more elegantly handle by throwing an error rather than fixing it up.
* Add config option to auto-join new users to roomsDavid Baker2017-10-161-0/+34
| | | | | New users who register on the server will be dumped into all rooms in auto_join_rooms in the config.
* Modify register/available to be GET with query paramLuke Barnard2017-05-101-5/+4
| | | | | | | - GET is now the method for register/available - a query parameter "username" is now used Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
* Change register/available to POST (from GET)Luke Barnard2017-05-101-1/+1
|
* Appease the flake8 godsLuke Barnard2017-05-031-5/+10
|
* Implement username availability checkerLuke Barnard2017-05-031-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Outlined here: https://github.com/vector-im/riot-web/issues/3605#issuecomment-298679388 ```HTTP GET /_matrix/.../register/available { "username": "desiredlocalpart123" } ``` If available, the response looks like ```HTTP HTTP/1.1 200 OK { "available": true } ``` Otherwise, ```HTTP HTTP/1.1 429 { "errcode": "M_LIMIT_EXCEEDED", "error": "Too Many Requests", "retry_after_ms": 2000 } ``` or ```HTTP HTTP/1.1 400 { "errcode": "M_USER_IN_USE", "error": "User ID already taken." } ``` or ```HTTP HTTP/1.1 400 { "errcode": "M_INVALID_USERNAME", "error": "Some reason for username being invalid" } ```
* Add another missing yield on check_device_registeredRichard van der Hoff2017-03-231-1/+1
|
* Use extend instead of +=David Baker2017-03-141-4/+4
|
* Oops, remove printDavid Baker2017-03-141-1/+0
|
* Fix registration for broken clientsDavid Baker2017-03-131-4/+22
| | | | Only offer msisdn flows if the x_show_msisdn option is given.
* Support registration / login with phone numberDavid Baker2017-03-131-16/+104
| | | | Changes from https://github.com/matrix-org/synapse/pull/1971
* Revert "Support registration & login with phone number"Erik Johnston2017-03-131-104/+16
|
* Comment when our 3pids would be incompleteDavid Baker2017-03-081-0/+2
|
* Better error messageDavid Baker2017-03-081-1/+3
|
* Minor fixes from PR feedbackDavid Baker2017-03-081-4/+2
|
* TyposDavid Baker2017-03-081-2/+2
|
* Refector out assert_params_in_requestDavid Baker2017-03-081-18/+8
| | | | and replace requestEmailToken where we meant requestMsisdnToken
* Factor out msisdn canonicalisationDavid Baker2017-03-081-9/+2
| | | | Plus a couple of other minor fixes
* Fix pep8David Baker2017-03-081-1/+1
|
* Add msisdns as 3pids during registrationDavid Baker2017-03-031-0/+47
| | | | and support binding them with the bind_msisdn param
* WIP support for msisdn 3pid proxy methodsDavid Baker2017-02-141-5/+61
|
* Fix email push in pusher workerErik Johnston2017-02-021-1/+2
| | | | | | This was broken when device list updates were implemented, as Mailer could no longer instantiate an AuthHandler due to a dependency on federation sending.
* Fix doc-stringRichard van der Hoff2016-12-011-2/+1
| | | | Remove refresh_token reference
* Rip out more refresh_token codeRichard van der Hoff2016-11-301-2/+0
| | | | | | | | We might as well treat all refresh_tokens as invalid. Just return a 403 from /tokenrefresh, so that we don't have a load of dead, untestable code hanging around. Still TODO: removing the table from the schema.
* Merge branch 'develop' into rav/no_more_refresh_tokensRichard van der Hoff2016-11-301-4/+15
|\
| * Give guest users a device_idRichard van der Hoff2016-11-251-4/+15
| | | | | | | | | | We need to create devices for guests so that they can use e2e, but we don't have anywhere to store it, so just use a fixed one.
* | Stop generating refresh tokensRichard van der Hoff2016-11-281-3/+2
|/ | | | | | | Since we're not doing refresh tokens any more, we should start killing off the dead code paths. /tokenrefresh itself is a bit of a thornier subject, since there might be apps out there using it, but we can at least not generate refresh tokens on new logins.
* Fix flake8Mark Haines2016-11-181-1/+0
|
* Work around client replacing reg paramsDavid Baker2016-11-181-0/+12
| | | | | Works around https://github.com/vector-im/vector-android/issues/715 and equivalent for iOS
* Add helper function for getting access_tokens from requestsMark Haines2016-09-091-2/+4
| | | | | | Rather than reimplementing the token parsing in the various places. This will make it easier to change the token parsing to allow access_tokens in HTTP headers.
* Preserve some logcontextsErik Johnston2016-08-241-2/+1
|
* Fix adding emails on registrationDavid Baker2016-07-291-9/+7
| | | | Synapse was not adding email addresses to accounts registered with an email address, due to too many different variables called 'result'. Rename both of them. Also remove the defer.returnValue() with no params because that's not a thing.
* Implement deleting devicesRichard van der Hoff2016-07-261-5/+5
|
* Preserve device_id from first call to /registerRichard van der Hoff2016-07-211-11/+10
| | | | | device_id may only be passed in the first call to /register, so make sure we fish it out of the register `params` rather than the body of the final call.
* Register a device_id in the /v2/register flow.Richard van der Hoff2016-07-201-15/+39
| | | | | | | | | | This doesn't cover *all* of the registration flows, but it does cover the most common ones: in particular: shared_secret registration, appservice registration, and normal user/pass registration. Pull device_id from the registration parameters. Register the device in the devices table. Associate the device with the returned access and refresh tokens. Profit.
* Merge pull request #933 from matrix-org/rav/type_annotationsRichard van der Hoff2016-07-201-0/+9
|\ | | | | Type annotations
| * Type annotationsRichard van der Hoff2016-07-191-0/+9
| | | | | | | | | | Add some type annotations to help PyCharm (in particular) to figure out the types of a bunch of things.
* | Further registration refactoringRichard van der Hoff2016-07-191-13/+37
|/ | | | | | | | | | | | | | * `RegistrationHandler.appservice_register` no longer issues an access token: instead it is left for the caller to do it. (There are two of these, one in `synapse/rest/client/v1/register.py`, which now simply calls `AuthHandler.issue_access_token`, and the other in `synapse/rest/client/v2_alpha/register.py`, which is covered below). * In `synapse/rest/client/v2_alpha/register.py`, move the generation of access_tokens into `_create_registration_details`. This means that the normal flow no longer needs to call `AuthHandler.issue_access_token`; the shared-secret flow can tell `RegistrationHandler.register` not to generate a token; and the appservice flow continues to work despite the above change.
* Don't bind email unless threepid contains expected fieldsRichard van der Hoff2016-07-191-28/+25
|
* rest/client/v2_alpha/register.py: Refactor flow somewhat.Richard van der Hoff2016-07-191-75/+102
| | | | | | | | | | | This is meant to be an *almost* non-functional change, with the exception that it fixes what looks a lot like a bug in that it only calls `auth_handler.add_threepid` and `add_pusher` once instead of three times. The idea is to move the generation of the `access_token` out of `registration_handler.register`, because `access_token`s now require a device_id, and we only want to generate a device_id once registration has been successful.
* Use body.get to check for 'user'Will Hunt2016-07-161-2/+1
|
* Fall back to 'username' if 'user' is not given for appservice reg.Will Hunt2016-07-161-3/+5
|
* on_OPTIONS isn't neccessaryDavid Baker2016-07-121-3/+0
|
* Separate out requestTokens to separate handlersDavid Baker2016-07-111-28/+37
|
* Split out the auth handlerDavid Baker2016-06-021-1/+1
|
* More consistent config namingDavid Baker2016-05-101-1/+1
|
* Add config option to not send email notifs for new usersDavid Baker2016-05-101-1/+4
|
* Add an email pusher for new usersDavid Baker2016-04-291-0/+26
| | | | If they registered with an email address and email notifs are enabled on the HS
* Make v2_alpha reg follow the AS API specificationKegan Dougal2016-04-141-0/+5
| | | | | | The spec is clear the key should be 'user' not 'username' and this is indeed the case for v1. This is not true for v2_alpha though, which is what this commit is fixing.
* remove debug loggingDavid Baker2016-03-161-3/+0
|
* Unused importDavid Baker2016-03-161-1/+0
|
* Make registration idempotent, part 2: be idempotent if the client specifies ↵David Baker2016-03-161-5/+17
| | | | a username.
* pep8 & remove debug loggingDavid Baker2016-03-161-4/+5
|
* Make registration idempotent: if you specify the same session, make it give ↵David Baker2016-03-161-1/+26
| | | | you an access token for the user that was registered on previous uses of that session. Tweak the UI auth layer to not delete sessions when their auth has completed and hence expire themn so they don't hang around until server restart. Allow server-side data to be associated with UI auth sessions.
* Register endpoint returns refresh_tokenblide2016-03-101-5/+8
| | | | Guest registration still doesn't return refresh_token
* Add a parse_json_object functionMark Haines2016-03-091-4/+4
| | | | | to deduplicate all the copy+pasted _parse_json functions. Also document the parse_.* functions.
* Rename config field to reflect yaml nameDaniel Wagner-Hall2016-02-031-1/+1
|
* Fix flake8 warnings for new flake8Daniel Wagner-Hall2016-02-021-1/+2
|
* Pull guest access token out of the auth session params, otherwise it will ↵David Baker2016-02-011-0/+1
| | | | break if you open the email on a different device.
* Add is_guest flag to users db to track whether a user is a guest user or ↵David Baker2016-01-061-1/+4
| | | | not. Use this so we can run _filter_events_for_client when calculating event_push_actions.
* Allow guests to upgrade their accountsDaniel Wagner-Hall2016-01-051-3/+9
|
* Host /unstable and /r0 versions of r0 APIsDaniel Wagner-Hall2015-12-011-2/+2
|
* Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-041-1/+26
| | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices.
* Merge pull request #211 from matrix-org/email_in_useMark Haines2015-08-201-0/+28
|\ | | | | Changes for unique emails
| * Check absent before trying to access keysDavid Baker2015-08-121-3/+3
| |
| * Just leaving off the $ is fine. r* == registerrrrrrrrrDavid Baker2015-08-121-1/+1
| |
| * Remember to yield: not much point testing is a deferred is not NoneDavid Baker2015-08-041-1/+2
| |
| * splt long lineDavid Baker2015-08-041-1/+3
| |
| * Add endpoint that proxies ID server request token and errors if the given ↵David Baker2015-08-041-1/+26
| | | | | | | | email is in use on this Home Server.
* | Simplify LoginHander and AuthHandlerDaniel Wagner-Hall2015-08-121-2/+1
|/ | | | | | | | | * Merge LoginHandler -> AuthHandler * Add a bunch of documentation * Improve some naming * Remove unused branches I will start merging the actual logic of the two handlers shortly
* Don't try & check the username if we don't have one (which we won't if it's ↵David Baker2015-08-031-1/+2
| | | | been saved in the auth layer)
* Use the same reg paths as register v1 for ASes.Kegan Dougal2015-07-291-4/+6
| | | | Namely this means using registration_handler.appservice_register.
* Fix v2_alpha registration. Add unit tests.Kegan Dougal2015-07-281-54/+70
| | | | | | | | V2 Registration forced everyone (including ASes) to create a password for a user, when ASes should be able to omit passwords. Also unbreak AS registration in general which checked too early if the given username was claimed by an AS; it was checked before knowing if the AS was the one doing the registration! Add unit tests for AS reg, user reg and disabled_registration flag.
* pep8 + debug lineDavid Baker2015-07-151-6/+8
|
* Add back in support for remembering parameters submitted to a ↵David Baker2015-07-151-2/+9
| | | | user-interactive auth call.
* Make shared secret registration work againDavid Baker2015-05-141-1/+4
|
* More underscoresDavid Baker2015-04-241-2/+2
|
* Use underscores instead of camelcase for id server stuffDavid Baker2015-04-241-2/+2
|
* make add3pid servlet workDavid Baker2015-04-171-12/+26
|
* Return user ID in use error straight awayDavid Baker2015-04-161-2/+23
|
* Dummy login so we can do the first POST request to get login flows without ↵David Baker2015-04-151-4/+14
| | | | it just succeeding
* Regstration with email in v2David Baker2015-04-151-4/+4
|
* Add app service auth back in to v2 registerDavid Baker2015-04-021-2/+7
|
* Add shared secret auth into register v2 and switch the script over.David Baker2015-04-021-11/+58
|
* Completely replace fallback auth for C/S V2:David Baker2015-04-011-1/+1
| | | | | | | * Now only the auth part goes to fallback, not the whole operation * Auth fallback is a normal API endpoint, not a static page * Params like the recaptcha pubkey can just live in the config Involves a little engineering on JsonResource so its servlets aren't always forced to return JSON. I should document this more, in fact I'll do that now.
* pep8David Baker2015-03-311-2/+2
|
* New registration for C/S API v2. Only ReCAPTCHA working currently.David Baker2015-03-301-0/+86
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-18 19:05:41 +0000