mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2025-08-19 01:07:49 -04:00
Merge pull request #5027 from matrix-org/babolivier/account_expiration
Add time-based account expiration
This commit is contained in:
commit
bfc8fdf1fc
9 changed files with 143 additions and 3 deletions
|
@ -64,6 +64,8 @@ class Auth(object):
|
|||
self.token_cache = LruCache(CACHE_SIZE_FACTOR * 10000)
|
||||
register_cache("cache", "token_cache", self.token_cache)
|
||||
|
||||
self._account_validity = hs.config.account_validity
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def check_from_context(self, room_version, event, context, do_sig_check=True):
|
||||
prev_state_ids = yield context.get_prev_state_ids(self.store)
|
||||
|
@ -226,6 +228,16 @@ class Auth(object):
|
|||
token_id = user_info["token_id"]
|
||||
is_guest = user_info["is_guest"]
|
||||
|
||||
# Deny the request if the user account has expired.
|
||||
if self._account_validity.enabled:
|
||||
expiration_ts = yield self.store.get_expiration_ts_for_user(user)
|
||||
if self.clock.time_msec() >= expiration_ts:
|
||||
raise AuthError(
|
||||
403,
|
||||
"User account has expired",
|
||||
errcode=Codes.EXPIRED_ACCOUNT,
|
||||
)
|
||||
|
||||
# device_id may not be present if get_user_by_access_token has been
|
||||
# stubbed out.
|
||||
device_id = user_info.get("device_id")
|
||||
|
|
|
@ -60,6 +60,7 @@ class Codes(object):
|
|||
UNSUPPORTED_ROOM_VERSION = "M_UNSUPPORTED_ROOM_VERSION"
|
||||
INCOMPATIBLE_ROOM_VERSION = "M_INCOMPATIBLE_ROOM_VERSION"
|
||||
WRONG_ROOM_KEYS_VERSION = "M_WRONG_ROOM_KEYS_VERSION"
|
||||
EXPIRED_ACCOUNT = "ORG_MATRIX_EXPIRED_ACCOUNT"
|
||||
|
||||
|
||||
class CodeMessageException(RuntimeError):
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue