Implement MSC3231: Token authenticated registration (#10142)

Signed-off-by: Callum Brown <callum@calcuode.com> This is part of my GSoC project implementing [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
2025-05-05 14:14:56 -04:00 · 2021-08-21 22:14:43 +01:00 · 2021-08-21 22:14:43 +01:00 · 947dbbdfd1
commit 947dbbdfd1
parent ecd823d766
21 changed files with 2389 additions and 1 deletions
--- a/synapse/config/ratelimiting.py
+++ b/synapse/config/ratelimiting.py
@ -79,6 +79,11 @@ class RatelimitConfig(Config):

        self.rc_registration = RateLimitConfig(config.get("rc_registration", {}))

+        self.rc_registration_token_validity = RateLimitConfig(
+            config.get("rc_registration_token_validity", {}),
+            defaults={"per_second": 0.1, "burst_count": 5},
+        )
+
        rc_login_config = config.get("rc_login", {})
        self.rc_login_address = RateLimitConfig(rc_login_config.get("address", {}))
        self.rc_login_account = RateLimitConfig(rc_login_config.get("account", {}))
@ -143,6 +148,8 @@ class RatelimitConfig(Config):
        #     is using
        #   - one for registration that ratelimits registration requests based on the
        #     client's IP address.
+        #   - one for checking the validity of registration tokens that ratelimits
+        #     requests based on the client's IP address.
        #   - one for login that ratelimits login requests based on the client's IP
        #     address.
        #   - one for login that ratelimits login requests based on the account the
@ -171,6 +178,10 @@ class RatelimitConfig(Config):
        #  per_second: 0.17
        #  burst_count: 3
        #
+        #rc_registration_token_validity:
+        #  per_second: 0.1
+        #  burst_count: 5
+        #
        #rc_login:
        #  address:
        #    per_second: 0.17