Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Don't warn user about password reset disabling through config code #5387

Merged
merged 2 commits into from
Jun 10, 2019
Merged

Don't warn user about password reset disabling through config code #5387

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0b1d9d5
Remove password reset disabling for msisdn. Warn about email config
anoadragon453 Jun 7, 2019
4807da0
Add changelog
anoadragon453 Jun 7, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/5387.bugfix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Warn about disabling email-based password resets when a reset occurs, and remove warning when someone attempts a phone-based reset.
11 changes: 5 additions & 6 deletions synapse/config/emailconfig.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,12 @@

# This file can't be called email.py because if it is, we cannot:
import email.utils
import logging
import os

import pkg_resources

from ._base import Config, ConfigError

logger = logging.getLogger(__name__)


class EmailConfig(Config):
def read_config(self, config):
Expand Down Expand Up @@ -85,10 +82,12 @@ def read_config(self, config):
self.email_password_reset_behaviour = (
"remote" if email_trust_identity_server_for_password_resets else "local"
)
self.password_resets_were_disabled_due_to_email_config = False
if self.email_password_reset_behaviour == "local" and email_config == {}:
logger.warn(
"User password resets have been disabled due to lack of email config"
)
# We cannot warn the user this has happened here
# Instead do so when a user attempts to reset their password
self.password_resets_were_disabled_due_to_email_config = True

self.email_password_reset_behaviour = "off"

# Get lifetime of a validation token in milliseconds
Expand Down
19 changes: 15 additions & 4 deletions synapse/rest/client/v2_alpha/account.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,13 @@ def __init__(self, hs):
@defer.inlineCallbacks
def on_POST(self, request):
if self.config.email_password_reset_behaviour == "off":
raise SynapseError(400, "Password resets have been disabled on this server")
if self.config.password_resets_were_disabled_due_to_email_config:
logger.warn(
"User password resets have been disabled due to lack of email config"
)
raise SynapseError(
400, "Email-based password resets have been disabled on this server",
)

body = parse_json_object_from_request(request)

Expand Down Expand Up @@ -196,9 +202,6 @@ def __init__(self, hs):

@defer.inlineCallbacks
def on_POST(self, request):
if not self.config.email_password_reset_behaviour == "off":
raise SynapseError(400, "Password resets have been disabled on this server")

body = parse_json_object_from_request(request)

assert_params_in_dict(body, [
Expand Down Expand Up @@ -251,6 +254,14 @@ def on_GET(self, request, medium):
400,
"This medium is currently not supported for password resets",
)
if self.config.email_password_reset_behaviour == "off":
if self.config.password_resets_were_disabled_due_to_email_config:
logger.warn(
"User password resets have been disabled due to lack of email config"
)
raise SynapseError(
400, "Email-based password resets have been disabled on this server",
)

sid = parse_string(request, "sid")
client_secret = parse_string(request, "client_secret")
Expand Down