MatrixSynapse/synapse/rest/client/v1/login.py

# -*- coding: utf-8 -*-
# Copyright 2014, 2015 OpenMarket Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

from twisted.internet import defer

from synapse.api.errors import SynapseError
from synapse.types import UserID
from base import ClientV1RestServlet, client_path_pattern

import json


class LoginRestServlet(ClientV1RestServlet):
    PATTERN = client_path_pattern("/login$")
    PASS_TYPE = "m.login.password"

    def on_GET(self, request):
        return (200, {"flows": [{"type": LoginRestServlet.PASS_TYPE}]})

    def on_OPTIONS(self, request):
        return (200, {})

    @defer.inlineCallbacks
    def on_POST(self, request):
        login_submission = _parse_json(request)
        try:
            if login_submission["type"] == LoginRestServlet.PASS_TYPE:
                result = yield self.do_password_login(login_submission)
                defer.returnValue(result)
            else:
                raise SynapseError(400, "Bad login type.")
        except KeyError:
            raise SynapseError(400, "Missing JSON keys.")

    @defer.inlineCallbacks
    def do_password_login(self, login_submission):
        if not login_submission["user"].startswith('@'):
            login_submission["user"] = UserID.create(
                login_submission["user"], self.hs.hostname).to_string()

        handler = self.handlers.login_handler
        token = yield handler.login(
            user=login_submission["user"],
            password=login_submission["password"])

        result = {
            "user_id": login_submission["user"],  # may have changed
            "access_token": token,
            "home_server": self.hs.hostname,
        }

        defer.returnValue((200, result))


class LoginFallbackRestServlet(ClientV1RestServlet):
    PATTERN = client_path_pattern("/login/fallback$")

    def on_GET(self, request):
        # TODO(kegan): This should be returning some HTML which is capable of
        # hitting LoginRestServlet
        return (200, {})


class PasswordResetRestServlet(ClientV1RestServlet):
    PATTERN = client_path_pattern("/login/reset")

    @defer.inlineCallbacks
    def on_POST(self, request):
        reset_info = _parse_json(request)
        try:
            email = reset_info["email"]
            user_id = reset_info["user_id"]
            handler = self.handlers.login_handler
            yield handler.reset_password(user_id, email)
            # purposefully give no feedback to avoid people hammering different
            # combinations.
            defer.returnValue((200, {}))
        except KeyError:
            raise SynapseError(
                400,
                "Missing keys. Requires 'email' and 'user_id'."
            )


def _parse_json(request):
    try:
        content = json.loads(request.content.read())
        if type(content) != dict:
            raise SynapseError(400, "Content must be a JSON object.")
        return content
    except ValueError:
        raise SynapseError(400, "Content not JSON.")


def register_servlets(hs, http_server):
    LoginRestServlet(hs).register(http_server)
    # TODO PasswordResetRestServlet(hs).register(http_server)
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`# -- coding: utf-8 --`
Update copyright notices 2015-01-06 14:21:39 +01:00			`# Copyright 2014, 2015 OpenMarket Ltd`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
add in whitespace after copyright statements to improve legibility 2014-08-13 04:14:34 +02:00
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`from twisted.internet import defer`

			`from synapse.api.errors import SynapseError`
Pass back the user_id in the response to /login in case it has changed. Store and use that on the webclient rather than the input field. 2014-08-14 17:40:15 +02:00			`from synapse.types import UserID`
Extract the client v1 base RestServlet to a separate class 2015-01-23 15:09:51 +01:00			`from base import ClientV1RestServlet, client_path_pattern`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00
			`import json`


Extract the client v1 base RestServlet to a separate class 2015-01-23 15:09:51 +01:00			`class LoginRestServlet(ClientV1RestServlet):`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`PATTERN = client_path_pattern("/login$")`
			`PASS_TYPE = "m.login.password"`

			`def on_GET(self, request):`
Support multiple login flows when deciding how to login. Updated cmdclient and spec. Webclient doesn't need updating for this. 2014-08-28 15:56:55 +02:00			`return (200, {"flows": [{"type": LoginRestServlet.PASS_TYPE}]})`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00
			`def on_OPTIONS(self, request):`
			`return (200, {})`

			`@defer.inlineCallbacks`
			`def on_POST(self, request):`
			`login_submission = _parse_json(request)`
			`try:`
			`if login_submission["type"] == LoginRestServlet.PASS_TYPE:`
			`result = yield self.do_password_login(login_submission)`
			`defer.returnValue(result)`
			`else:`
			`raise SynapseError(400, "Bad login type.")`
			`except KeyError:`
			`raise SynapseError(400, "Missing JSON keys.")`

			`@defer.inlineCallbacks`
			`def do_password_login(self, login_submission):`
Pass back the user_id in the response to /login in case it has changed. Store and use that on the webclient rather than the input field. 2014-08-14 17:40:15 +02:00			`if not login_submission["user"].startswith('@'):`
Change DomainSpecificString so that it doesn't use a HomeServer object 2014-12-02 11:42:28 +01:00			`login_submission["user"] = UserID.create(`
			`login_submission["user"], self.hs.hostname).to_string()`
Pass back the user_id in the response to /login in case it has changed. Store and use that on the webclient rather than the input field. 2014-08-14 17:40:15 +02:00
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`handler = self.handlers.login_handler`
			`token = yield handler.login(`
			`user=login_submission["user"],`
			`password=login_submission["password"])`

			`result = {`
Pass back the user_id in the response to /login in case it has changed. Store and use that on the webclient rather than the input field. 2014-08-14 17:40:15 +02:00			`"user_id": login_submission["user"], # may have changed`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`"access_token": token,`
			`"home_server": self.hs.hostname,`
			`}`

			`defer.returnValue((200, result))`


Extract the client v1 base RestServlet to a separate class 2015-01-23 15:09:51 +01:00			`class LoginFallbackRestServlet(ClientV1RestServlet):`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`PATTERN = client_path_pattern("/login/fallback$")`

			`def on_GET(self, request):`
			`# TODO(kegan): This should be returning some HTML which is capable of`
			`# hitting LoginRestServlet`
Empty string is not a valid JSON object, so don't return them in HTTP responses. 2014-09-04 19:09:17 +02:00			`return (200, {})`
Reference Matrix Home Server 2014-08-12 16:10:52 +02:00

Extract the client v1 base RestServlet to a separate class 2015-01-23 15:09:51 +01:00			`class PasswordResetRestServlet(ClientV1RestServlet):`
Added PasswordResetRestServlet. Hit the IS to confirm the email/user. Need to send email. 2014-09-16 12:22:40 +02:00			`PATTERN = client_path_pattern("/login/reset")`

			`@defer.inlineCallbacks`
			`def on_POST(self, request):`
			`reset_info = _parse_json(request)`
			`try:`
			`email = reset_info["email"]`
			`user_id = reset_info["user_id"]`
			`handler = self.handlers.login_handler`
			`yield handler.reset_password(user_id, email)`
			`# purposefully give no feedback to avoid people hammering different`
			`# combinations.`
			`defer.returnValue((200, {}))`
			`except KeyError:`
			`raise SynapseError(`
			`400,`
			`"Missing keys. Requires 'email' and 'user_id'."`
			`)`


Reference Matrix Home Server 2014-08-12 16:10:52 +02:00			`def _parse_json(request):`
			`try:`
			`content = json.loads(request.content.read())`
			`if type(content) != dict:`
			`raise SynapseError(400, "Content must be a JSON object.")`
			`return content`
			`except ValueError:`
			`raise SynapseError(400, "Content not JSON.")`


			`def register_servlets(hs, http_server):`
			`LoginRestServlet(hs).register(http_server)`
Comment out password reset for now, until the mechanism is fully discussed (IS token auth vs HS auth) 2014-09-16 14:32:33 +02:00			`# TODO PasswordResetRestServlet(hs).register(http_server)`