limit register and sign in on number of monthly users

2025-05-02 10:56:06 -04:00 · 2018-07-30 15:55:57 +01:00 · 2018-07-30 15:55:57 +01:00 · 251e6c1210
commit 251e6c1210
parent e9b2d047f6
7 changed files with 166 additions and 3 deletions
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -519,6 +519,7 @@ class AuthHandler(BaseHandler):
        """
        logger.info("Logging in user %s on device %s", user_id, device_id)
        access_token = yield self.issue_access_token(user_id, device_id)
+        self._check_mau_limits()

        # the device *should* have been registered before we got here; however,
        # it's possible we raced against a DELETE operation. The thing we
@ -729,6 +730,7 @@ class AuthHandler(BaseHandler):
        defer.returnValue(access_token)

    def validate_short_term_login_token_and_get_user_id(self, login_token):
+        self._check_mau_limits()
        auth_api = self.hs.get_auth()
        try:
            macaroon = pymacaroons.Macaroon.deserialize(login_token)
@ -892,6 +894,17 @@ class AuthHandler(BaseHandler):
        else:
            return defer.succeed(False)

+    def _check_mau_limits(self):
+        """
+        Ensure that if mau blocking is enabled that invalid users cannot
+        log in.
+        """
+        if self.hs.config.limit_usage_by_mau is True:
+            current_mau = self.store.count_monthly_users()
+            if current_mau >= self.hs.config.max_mau_value:
+                raise AuthError(
+                        403, "MAU Limit Exceeded", errcode=Codes.MAU_LIMIT_EXCEEDED
+                )

@attr.s
 class MacaroonGenerator(object):