mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2024-10-01 11:49:51 -04:00
Lowercase all email addresses before querying db
Since we store all emails in the DB in lowercase (https://github.com/matrix-org/synapse/pull/1170)
This commit is contained in:
parent
ae7b4da4cc
commit
8c5009b628
@ -118,8 +118,14 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def do_password_login(self, login_submission):
|
def do_password_login(self, login_submission):
|
||||||
if 'medium' in login_submission and 'address' in login_submission:
|
if 'medium' in login_submission and 'address' in login_submission:
|
||||||
|
address = login_submission['address']
|
||||||
|
if login_submission['medium'] == 'email':
|
||||||
|
# For emails, transform the address to lowercase.
|
||||||
|
# We store all email addreses as lowercase in the DB.
|
||||||
|
# (See add_threepid in synapse/handlers/auth.py)
|
||||||
|
address = address.lower()
|
||||||
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
||||||
login_submission['medium'], login_submission['address']
|
login_submission['medium'], address
|
||||||
)
|
)
|
||||||
if not user_id:
|
if not user_id:
|
||||||
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
||||||
|
@ -96,6 +96,11 @@ class PasswordRestServlet(RestServlet):
|
|||||||
threepid = result[LoginType.EMAIL_IDENTITY]
|
threepid = result[LoginType.EMAIL_IDENTITY]
|
||||||
if 'medium' not in threepid or 'address' not in threepid:
|
if 'medium' not in threepid or 'address' not in threepid:
|
||||||
raise SynapseError(500, "Malformed threepid")
|
raise SynapseError(500, "Malformed threepid")
|
||||||
|
if threepid['medium'] == 'email':
|
||||||
|
# For emails, transform the address to lowercase.
|
||||||
|
# We store all email addreses as lowercase in the DB.
|
||||||
|
# (See add_threepid in synapse/handlers/auth.py)
|
||||||
|
threepid['address'] = threepid['address'].lower()
|
||||||
# if using email, we must know about the email they're authing with!
|
# if using email, we must know about the email they're authing with!
|
||||||
threepid_user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
threepid_user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
||||||
threepid['medium'], threepid['address']
|
threepid['medium'], threepid['address']
|
||||||
|
Loading…
Reference in New Issue
Block a user