Merge branch 'develop' into rav/no_more_refresh_tokens

2025-05-02 18:04:49 -04:00 · 2016-11-30 17:10:04 +00:00 · 2016-11-30 17:10:04 +00:00 · dc4b23e1a1
commit dc4b23e1a1
parent 5c4edc83b5 8379a741cc
14 changed files with 94 additions and 78 deletions
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@ -15,6 +15,7 @@

 from twisted.internet import defer

+import synapse
 from synapse.api.auth import get_access_token_from_request, has_access_token
 from synapse.api.constants import LoginType
 from synapse.api.errors import SynapseError, Codes, UnrecognizedRequestError
@ -100,12 +101,14 @@ class RegisterRestServlet(RestServlet):
    def on_POST(self, request):
        yield run_on_reactor()

+        body = parse_json_object_from_request(request)
+
        kind = "user"
        if "kind" in request.args:
            kind = request.args["kind"][0]

        if kind == "guest":
-            ret = yield self._do_guest_registration()
+            ret = yield self._do_guest_registration(body)
            defer.returnValue(ret)
            return
        elif kind != "user":
@ -113,8 +116,6 @@ class RegisterRestServlet(RestServlet):
                "Do not understand membership kind: %s" % (kind,)
            )

-        body = parse_json_object_from_request(request)
-
        # we do basic sanity checks here because the auth layer will store these
        # in sessions. Pull out the username/password provided to us.
        desired_password = None
@ -420,13 +421,22 @@ class RegisterRestServlet(RestServlet):
        )

    @defer.inlineCallbacks
-    def _do_guest_registration(self):
+    def _do_guest_registration(self, params):
        if not self.hs.config.allow_guest_access:
            defer.returnValue((403, "Guest access is disabled"))
        user_id, _ = yield self.registration_handler.register(
            generate_token=False,
            make_guest=True
        )
+
+        # we don't allow guests to specify their own device_id, because
+        # we have nowhere to store it.
+        device_id = synapse.api.auth.GUEST_DEVICE_ID
+        initial_display_name = params.get("initial_device_display_name")
+        self.device_handler.check_device_registered(
+            user_id, device_id, initial_display_name
+        )
+
        access_token = self.auth_handler.generate_access_token(
            user_id, ["guest = true"]
        )
@ -434,6 +444,7 @@ class RegisterRestServlet(RestServlet):
        # so long as we don't return a refresh_token here.
        defer.returnValue((200, {
            "user_id": user_id,
+            "device_id": device_id,
            "access_token": access_token,
            "home_server": self.hs.hostname,
        }))