From ec781af214b1ee67fc967ba2aa6f0b646d5053e0 Mon Sep 17 00:00:00 2001
From: Andrew Morgan <andrew@amorgan.xyz>
Date: Fri, 24 May 2019 15:38:51 +0100
Subject: Reimplementation of /submitToken on the homeserver side. Only used by
 password resets

This PR creates an endpoint GET/POST /_matrix/identity/api/v1/validate/email/submitToken
which mirrors the same endpoint on the identity server used for submitting tokens
used for validating 3PID addresses.

When the token is submitted, it is checked along with the client_secret and session_id in
the db and if it matches and isn't expired, we mark the session as validated. Then, when
the user attempts to change their password, we check if the session is valid, and if so
allow it. We also delete the session at this point, as as far as I can tell there's no
further use for it.
---
 synapse/res/templates/password_reset.html         | 10 ++++++++++
 synapse/res/templates/password_reset.txt          |  5 +++++
 synapse/res/templates/password_reset_failure.html |  6 ++++++
 synapse/res/templates/password_reset_success.html |  6 ++++++
 4 files changed, 27 insertions(+)
 create mode 100644 synapse/res/templates/password_reset.html
 create mode 100644 synapse/res/templates/password_reset.txt
 create mode 100644 synapse/res/templates/password_reset_failure.html
 create mode 100644 synapse/res/templates/password_reset_success.html

(limited to 'synapse/res')

diff --git a/synapse/res/templates/password_reset.html b/synapse/res/templates/password_reset.html
new file mode 100644
index 0000000000..68673df8ae
--- /dev/null
+++ b/synapse/res/templates/password_reset.html
@@ -0,0 +1,10 @@
+<html>
+<title>time to reset your password!!!</title>
+<body>
+    <p>here's the link you forgetful person you!</p>
+
+    <a href="{{ link }}">Reset your password</a>
+
+    <p>now get on back to happy town!</p>
+</body>
+</html>
diff --git a/synapse/res/templates/password_reset.txt b/synapse/res/templates/password_reset.txt
new file mode 100644
index 0000000000..0744747a7d
--- /dev/null
+++ b/synapse/res/templates/password_reset.txt
@@ -0,0 +1,5 @@
+here's the link you forgetful person you!
+
+{{ link }}
+
+now get on back to happy town!
diff --git a/synapse/res/templates/password_reset_failure.html b/synapse/res/templates/password_reset_failure.html
new file mode 100644
index 0000000000..0b132cf8db
--- /dev/null
+++ b/synapse/res/templates/password_reset_failure.html
@@ -0,0 +1,6 @@
+<html>
+<head></head>
+<body>
+<p>{{ failure_reason }}. Your password has not been reset.</p>
+</body>
+</html>
diff --git a/synapse/res/templates/password_reset_success.html b/synapse/res/templates/password_reset_success.html
new file mode 100644
index 0000000000..7b6fa5e6f0
--- /dev/null
+++ b/synapse/res/templates/password_reset_success.html
@@ -0,0 +1,6 @@
+<html>
+<head></head>
+<body>
+<p>Your password was successfully reset. You may now close this window.</p>
+</body>
+</html>
-- 
cgit 1.5.1