Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-02 12:16:09 -04:00
Code Issues Projects Releases Packages Wiki Activity

Generate guest access token on 3pid invites

Browse source 
This means that following the same link across multiple sessions or
devices can re-use the same guest account.

Note that this is somewhat of an abuse vector; we can't throw up
captchas on this flow, so this is a way of registering ephemeral
accounts for spam, whose sign-up we don't rate limit.
This commit is contained in:
Daniel Wagner-Hall 2016-02-24 14:41:25 +00:00 committed by review.rocks
parent 869580206d
commit 33300673b7
4 changed files with 91 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
synapse/handlers/room.py
View file

@ -848,6 +848,13 @@ class RoomMemberHandler(BaseHandler):
user.
"""
registration_handler = self.hs.get_handlers().registration_handler
guest_access_token = yield registration_handler.guest_access_token_for(
medium=medium,
address=address,
inviter_user_id=inviter_user_id,
)
is_url = "%s%s/_matrix/identity/api/v1/store-invite" % (
id_server_scheme, id_server,
)
@ -864,6 +871,7 @@ class RoomMemberHandler(BaseHandler):
"sender": inviter_user_id,
"sender_display_name": inviter_display_name,
"sender_avatar_url": inviter_avatar_url,
"guest_access_token": guest_access_token,
}
)
# TODO: Check for success