From 28a6ccb49c57cc686761b9e674b501b3b402e616 Mon Sep 17 00:00:00 2001
From: Matthew Hodgson <matthew@matrix.org>
Date: Fri, 19 Jan 2018 00:19:58 +0000
Subject: add registrations_require_3pid

lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails
---
 synapse/config/registration.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'synapse/config/registration.py')

diff --git a/synapse/config/registration.py b/synapse/config/registration.py
index ef917fc9f2..e5e4f77872 100644
--- a/synapse/config/registration.py
+++ b/synapse/config/registration.py
@@ -31,6 +31,7 @@ class RegistrationConfig(Config):
                 strtobool(str(config["disable_registration"]))
             )
 
+        self.registrations_require_3pid = config.get("registrations_require_3pid", [])
         self.registration_shared_secret = config.get("registration_shared_secret")
 
         self.bcrypt_rounds = config.get("bcrypt_rounds", 12)
@@ -52,6 +53,18 @@ class RegistrationConfig(Config):
         # Enable registration for new users.
         enable_registration: False
 
+        # Mandate that registrations require a 3PID which matches one or more
+        # of these 3PIDs.  N.B. regexp escape backslashes are doubled (once for
+        # YAML and once for the regexp itself)
+        #
+        # registrations_require_3pid:
+        #     - medium: email
+        #       pattern: ".*@matrix\\.org"
+        #     - medium: email
+        #       pattern: ".*@vector\\.im"
+        #     - medium: msisdn
+        #       pattern: "\\+44"
+
         # If set, allows registration by anyone who also has the shared
         # secret, even if registration is otherwise disabled.
         registration_shared_secret: "%(registration_shared_secret)s"
-- 
cgit 1.4.1