80 chars please
parent
37e53513b6
commit
3ea6f01b4e
|
@ -17,7 +17,9 @@
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.types import UserID
|
from synapse.types import UserID
|
||||||
from synapse.api.errors import SynapseError, RegistrationError, InvalidCaptchaError
|
from synapse.api.errors import (
|
||||||
|
SynapseError, RegistrationError, InvalidCaptchaError
|
||||||
|
)
|
||||||
from ._base import BaseHandler
|
from ._base import BaseHandler
|
||||||
import synapse.util.stringutils as stringutils
|
import synapse.util.stringutils as stringutils
|
||||||
from synapse.http.client import PlainHttpClient
|
from synapse.http.client import PlainHttpClient
|
||||||
|
@ -38,7 +40,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
self.distributor.declare("registered_user")
|
self.distributor.declare("registered_user")
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def register(self, localpart=None, password=None, threepidCreds=None, captcha_info={}):
|
def register(self, localpart=None, password=None, threepidCreds=None,
|
||||||
|
captcha_info={}):
|
||||||
"""Registers a new client on the server.
|
"""Registers a new client on the server.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
|
@ -59,7 +62,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
captcha_info["response"]
|
captcha_info["response"]
|
||||||
)
|
)
|
||||||
if not captcha_response["valid"]:
|
if not captcha_response["valid"]:
|
||||||
logger.info("Invalid captcha entered from %s", captcha_info["ip"])
|
logger.info("Invalid captcha entered from %s",
|
||||||
|
captcha_info["ip"])
|
||||||
raise InvalidCaptchaError(
|
raise InvalidCaptchaError(
|
||||||
error_url=captcha_response["error_url"]
|
error_url=captcha_response["error_url"]
|
||||||
)
|
)
|
||||||
|
@ -68,7 +72,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
|
|
||||||
if threepidCreds:
|
if threepidCreds:
|
||||||
for c in threepidCreds:
|
for c in threepidCreds:
|
||||||
logger.info("validating theeepidcred sid %s on id server %s", c['sid'], c['idServer'])
|
logger.info("validating theeepidcred sid %s on id server %s",
|
||||||
|
c['sid'], c['idServer'])
|
||||||
try:
|
try:
|
||||||
threepid = yield self._threepid_from_creds(c)
|
threepid = yield self._threepid_from_creds(c)
|
||||||
except:
|
except:
|
||||||
|
@ -77,7 +82,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
|
|
||||||
if not threepid:
|
if not threepid:
|
||||||
raise RegistrationError(400, "Couldn't validate 3pid")
|
raise RegistrationError(400, "Couldn't validate 3pid")
|
||||||
logger.info("got threepid medium %s address %s", threepid['medium'], threepid['address'])
|
logger.info("got threepid medium %s address %s",
|
||||||
|
threepid['medium'], threepid['address'])
|
||||||
|
|
||||||
password_hash = None
|
password_hash = None
|
||||||
if password:
|
if password:
|
||||||
|
@ -145,7 +151,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
# XXX: make this configurable!
|
# XXX: make this configurable!
|
||||||
trustedIdServers = [ 'matrix.org:8090' ]
|
trustedIdServers = [ 'matrix.org:8090' ]
|
||||||
if not creds['idServer'] in trustedIdServers:
|
if not creds['idServer'] in trustedIdServers:
|
||||||
logger.warn('%s is not a trusted ID server: rejecting 3pid credentials', creds['idServer'])
|
logger.warn('%s is not a trusted ID server: rejecting 3pid '+
|
||||||
|
'credentials', creds['idServer'])
|
||||||
defer.returnValue(None)
|
defer.returnValue(None)
|
||||||
data = yield httpCli.get_json(
|
data = yield httpCli.get_json(
|
||||||
creds['idServer'],
|
creds['idServer'],
|
||||||
|
@ -163,7 +170,8 @@ class RegistrationHandler(BaseHandler):
|
||||||
data = yield httpCli.post_urlencoded_get_json(
|
data = yield httpCli.post_urlencoded_get_json(
|
||||||
creds['idServer'],
|
creds['idServer'],
|
||||||
"/_matrix/identity/api/v1/3pid/bind",
|
"/_matrix/identity/api/v1/3pid/bind",
|
||||||
{ 'sid': creds['sid'], 'clientSecret': creds['clientSecret'], 'mxid':mxid }
|
{ 'sid': creds['sid'], 'clientSecret': creds['clientSecret'],
|
||||||
|
'mxid':mxid }
|
||||||
)
|
)
|
||||||
defer.returnValue(data)
|
defer.returnValue(data)
|
||||||
|
|
||||||
|
@ -175,12 +183,14 @@ class RegistrationHandler(BaseHandler):
|
||||||
dict: Containing 'valid'(bool) and 'error_url'(str) if invalid.
|
dict: Containing 'valid'(bool) and 'error_url'(str) if invalid.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
response = yield self._submit_captcha(ip_addr, private_key, challenge, response)
|
response = yield self._submit_captcha(ip_addr, private_key, challenge,
|
||||||
|
response)
|
||||||
# parse Google's response. Lovely format..
|
# parse Google's response. Lovely format..
|
||||||
lines = response.split('\n')
|
lines = response.split('\n')
|
||||||
json = {
|
json = {
|
||||||
"valid": lines[0] == 'true',
|
"valid": lines[0] == 'true',
|
||||||
"error_url": "http://www.google.com/recaptcha/api/challenge?error=%s" % lines[1]
|
"error_url": "http://www.google.com/recaptcha/api/challenge?"+
|
||||||
|
"error=%s" % lines[1]
|
||||||
}
|
}
|
||||||
defer.returnValue(json)
|
defer.returnValue(json)
|
||||||
|
|
||||||
|
|
|
@ -58,11 +58,13 @@ class RegisterRestServlet(RestServlet):
|
||||||
try:
|
try:
|
||||||
captcha_type = register_json["captcha"]["type"]
|
captcha_type = register_json["captcha"]["type"]
|
||||||
if captcha_type != "m.login.recaptcha":
|
if captcha_type != "m.login.recaptcha":
|
||||||
raise SynapseError(400, "Sorry, only m.login.recaptcha requests are supported.")
|
raise SynapseError(400, "Sorry, only m.login.recaptcha " +
|
||||||
|
"requests are supported.")
|
||||||
challenge = register_json["captcha"]["challenge"]
|
challenge = register_json["captcha"]["challenge"]
|
||||||
user_response = register_json["captcha"]["response"]
|
user_response = register_json["captcha"]["response"]
|
||||||
except KeyError:
|
except KeyError:
|
||||||
raise SynapseError(400, "Captcha response is required", errcode=Codes.CAPTCHA_NEEDED)
|
raise SynapseError(400, "Captcha response is required",
|
||||||
|
errcode=Codes.CAPTCHA_NEEDED)
|
||||||
|
|
||||||
# TODO determine the source IP : May be an X-Forwarding-For header depending on config
|
# TODO determine the source IP : May be an X-Forwarding-For header depending on config
|
||||||
ip_addr = request.getClientIP()
|
ip_addr = request.getClientIP()
|
||||||
|
|
Loading…
Reference in New Issue