Merge remote-tracking branch 'origin/erikj/as_mau_block' into develop

2025-05-02 20:54:50 -04:00 · 2020-12-18 09:51:56 +00:00 · 2020-12-18 09:51:56 +00:00 · a7a913918c
commit a7a913918c
parent 70586aa63e 14eab1b4d2
7 changed files with 86 additions and 9 deletions
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -738,6 +738,7 @@ class AuthHandler(BaseHandler):
        device_id: Optional[str],
        valid_until_ms: Optional[int],
        puppets_user_id: Optional[str] = None,
+        is_appservice_ghost: bool = False,
    ) -> str:
        """
        Creates a new access token for the user with the given user ID.
@ -754,6 +755,7 @@ class AuthHandler(BaseHandler):
               we should always have a device ID)
            valid_until_ms: when the token is valid until. None for
                no expiry.
+            is_appservice_ghost: Whether the user is an application ghost user
        Returns:
              The access token for the user's session.
        Raises:
@ -774,7 +776,11 @@ class AuthHandler(BaseHandler):
                "Logging in user %s on device %s%s", user_id, device_id, fmt_expiry
            )

-        await self.auth.check_auth_blocking(user_id)
+        if (
+            not is_appservice_ghost
+            or self.hs.config.appservice.track_appservice_user_ips
+        ):
+            await self.auth.check_auth_blocking(user_id)

        access_token = self.macaroon_gen.generate_access_token(user_id)
        await self.store.add_access_token_to_user(