Support registration / login with phone number

Changes from https://github.com/matrix-org/synapse/pull/1971
2025-05-02 18:04:49 -04:00 · 2017-03-13 17:27:51 +00:00 · 2017-03-13 17:27:51 +00:00 · 73a5f06652
commit 73a5f06652
parent 31f3ca1b2b
9 changed files with 395 additions and 50 deletions
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 # Copyright 2015 - 2016 OpenMarket Ltd
+# Copyright 2017 Vector Creations Ltd
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -19,7 +20,10 @@ import synapse
 from synapse.api.auth import get_access_token_from_request, has_access_token
 from synapse.api.constants import LoginType
 from synapse.api.errors import SynapseError, Codes, UnrecognizedRequestError
-from synapse.http.servlet import RestServlet, parse_json_object_from_request
+from synapse.http.servlet import (
+    RestServlet, parse_json_object_from_request, assert_params_in_request
+)
+from synapse.util.msisdn import phone_number_to_msisdn

 from ._base import client_v2_patterns

@ -43,7 +47,7 @@ else:
 logger = logging.getLogger(__name__)


-class RegisterRequestTokenRestServlet(RestServlet):
+class EmailRegisterRequestTokenRestServlet(RestServlet):
    PATTERNS = client_v2_patterns("/register/email/requestToken$")

    def __init__(self, hs):
@ -51,7 +55,7 @@ class RegisterRequestTokenRestServlet(RestServlet):
        Args:
            hs (synapse.server.HomeServer): server
        """
-        super(RegisterRequestTokenRestServlet, self).__init__()
+        super(EmailRegisterRequestTokenRestServlet, self).__init__()
        self.hs = hs
        self.identity_handler = hs.get_handlers().identity_handler

@ -59,14 +63,9 @@ class RegisterRequestTokenRestServlet(RestServlet):
    def on_POST(self, request):
        body = parse_json_object_from_request(request)

-        required = ['id_server', 'client_secret', 'email', 'send_attempt']
-        absent = []
-        for k in required:
-            if k not in body:
-                absent.append(k)
-
-        if len(absent) > 0:
-            raise SynapseError(400, "Missing params: %r" % absent, Codes.MISSING_PARAM)
+        assert_params_in_request(body, [
+            'id_server', 'client_secret', 'email', 'send_attempt'
+        ])

        existingUid = yield self.hs.get_datastore().get_user_id_by_threepid(
            'email', body['email']
@ -79,6 +78,43 @@ class RegisterRequestTokenRestServlet(RestServlet):
        defer.returnValue((200, ret))


+class MsisdnRegisterRequestTokenRestServlet(RestServlet):
+    PATTERNS = client_v2_patterns("/register/msisdn/requestToken$")
+
+    def __init__(self, hs):
+        """
+        Args:
+            hs (synapse.server.HomeServer): server
+        """
+        super(MsisdnRegisterRequestTokenRestServlet, self).__init__()
+        self.hs = hs
+        self.identity_handler = hs.get_handlers().identity_handler
+
+    @defer.inlineCallbacks
+    def on_POST(self, request):
+        body = parse_json_object_from_request(request)
+
+        assert_params_in_request(body, [
+            'id_server', 'client_secret',
+            'country', 'phone_number',
+            'send_attempt',
+        ])
+
+        msisdn = phone_number_to_msisdn(body['country'], body['phone_number'])
+
+        existingUid = yield self.hs.get_datastore().get_user_id_by_threepid(
+            'msisdn', msisdn
+        )
+
+        if existingUid is not None:
+            raise SynapseError(
+                400, "Phone number is already in use", Codes.THREEPID_IN_USE
+            )
+
+        ret = yield self.identity_handler.requestMsisdnToken(**body)
+        defer.returnValue((200, ret))
+
+
 class RegisterRestServlet(RestServlet):
    PATTERNS = client_v2_patterns("/register$")

@ -203,12 +239,16 @@ class RegisterRestServlet(RestServlet):
        if self.hs.config.enable_registration_captcha:
            flows = [
                [LoginType.RECAPTCHA],
-                [LoginType.EMAIL_IDENTITY, LoginType.RECAPTCHA]
+                [LoginType.EMAIL_IDENTITY, LoginType.RECAPTCHA],
+                [LoginType.MSISDN, LoginType.RECAPTCHA],
+                [LoginType.EMAIL_IDENTITY, LoginType.MSISDN, LoginType.RECAPTCHA],
            ]
        else:
            flows = [
                [LoginType.DUMMY],
-                [LoginType.EMAIL_IDENTITY]
+                [LoginType.EMAIL_IDENTITY],
+                [LoginType.MSISDN],
+                [LoginType.EMAIL_IDENTITY, LoginType.MSISDN],
            ]

        authed, auth_result, params, session_id = yield self.auth_handler.check_auth(
@ -224,8 +264,9 @@ class RegisterRestServlet(RestServlet):
                "Already registered user ID %r for this session",
                registered_user_id
            )
-            # don't re-register the email address
+            # don't re-register the threepids
            add_email = False
+            add_msisdn = False
        else:
            # NB: This may be from the auth handler and NOT from the POST
            if 'password' not in params:
@ -250,6 +291,7 @@ class RegisterRestServlet(RestServlet):
            )

            add_email = True
+            add_msisdn = True

        return_dict = yield self._create_registration_details(
            registered_user_id, params
@ -262,6 +304,13 @@ class RegisterRestServlet(RestServlet):
                params.get("bind_email")
            )

+        if add_msisdn and auth_result and LoginType.MSISDN in auth_result:
+            threepid = auth_result[LoginType.MSISDN]
+            yield self._register_msisdn_threepid(
+                registered_user_id, threepid, return_dict["access_token"],
+                params.get("bind_msisdn")
+            )
+
        defer.returnValue((200, return_dict))

    def on_OPTIONS(self, _):
@ -323,8 +372,9 @@ class RegisterRestServlet(RestServlet):
        """
        reqd = ('medium', 'address', 'validated_at')
        if any(x not in threepid for x in reqd):
+            # This will only happen if the ID server returns a malformed response
            logger.info("Can't add incomplete 3pid")
-            defer.returnValue()
+            return

        yield self.auth_handler.add_threepid(
            user_id,
@ -371,6 +421,43 @@ class RegisterRestServlet(RestServlet):
        else:
            logger.info("bind_email not specified: not binding email")

+    @defer.inlineCallbacks
+    def _register_msisdn_threepid(self, user_id, threepid, token, bind_msisdn):
+        """Add a phone number as a 3pid identifier
+
+        Also optionally binds msisdn to the given user_id on the identity server
+
+        Args:
+            user_id (str): id of user
+            threepid (object): m.login.msisdn auth response
+            token (str): access_token for the user
+            bind_email (bool): true if the client requested the email to be
+                bound at the identity server
+        Returns:
+            defer.Deferred:
+        """
+        reqd = ('medium', 'address', 'validated_at')
+        if any(x not in threepid for x in reqd):
+            # This will only happen if the ID server returns a malformed response
+            logger.info("Can't add incomplete 3pid")
+            defer.returnValue()
+
+        yield self.auth_handler.add_threepid(
+            user_id,
+            threepid['medium'],
+            threepid['address'],
+            threepid['validated_at'],
+        )
+
+        if bind_msisdn:
+            logger.info("bind_msisdn specified: binding")
+            logger.debug("Binding msisdn %s to %s", threepid, user_id)
+            yield self.identity_handler.bind_threepid(
+                threepid['threepid_creds'], user_id
+            )
+        else:
+            logger.info("bind_msisdn not specified: not binding msisdn")
+
    @defer.inlineCallbacks
    def _create_registration_details(self, user_id, params):
        """Complete registration of newly-registered user
@ -449,5 +536,6 @@ class RegisterRestServlet(RestServlet):


 def register_servlets(hs, http_server):
-    RegisterRequestTokenRestServlet(hs).register(http_server)
+    EmailRegisterRequestTokenRestServlet(hs).register(http_server)
+    MsisdnRegisterRequestTokenRestServlet(hs).register(http_server)
    RegisterRestServlet(hs).register(http_server)