mirror of
https://mau.dev/maunium/synapse.git
synced 2024-10-01 01:36:05 -04:00
Merge pull request #921 from matrix-org/erikj/account_deactivate
Feature: Add an /account/deactivate endpoint
This commit is contained in:
commit
a3036ac37e
@ -121,6 +121,49 @@ class PasswordRestServlet(RestServlet):
|
|||||||
return 200, {}
|
return 200, {}
|
||||||
|
|
||||||
|
|
||||||
|
class DeactivateAccountRestServlet(RestServlet):
|
||||||
|
PATTERNS = client_v2_patterns("/account/deactivate$")
|
||||||
|
|
||||||
|
def __init__(self, hs):
|
||||||
|
self.hs = hs
|
||||||
|
self.store = hs.get_datastore()
|
||||||
|
self.auth = hs.get_auth()
|
||||||
|
self.auth_handler = hs.get_auth_handler()
|
||||||
|
super(DeactivateAccountRestServlet, self).__init__()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def on_POST(self, request):
|
||||||
|
body = parse_json_object_from_request(request)
|
||||||
|
|
||||||
|
authed, result, params, _ = yield self.auth_handler.check_auth([
|
||||||
|
[LoginType.PASSWORD],
|
||||||
|
], body, self.hs.get_ip_from_request(request))
|
||||||
|
|
||||||
|
if not authed:
|
||||||
|
defer.returnValue((401, result))
|
||||||
|
|
||||||
|
user_id = None
|
||||||
|
requester = None
|
||||||
|
|
||||||
|
if LoginType.PASSWORD in result:
|
||||||
|
# if using password, they should also be logged in
|
||||||
|
requester = yield self.auth.get_user_by_req(request)
|
||||||
|
user_id = requester.user.to_string()
|
||||||
|
if user_id != result[LoginType.PASSWORD]:
|
||||||
|
raise LoginError(400, "", Codes.UNKNOWN)
|
||||||
|
else:
|
||||||
|
logger.error("Auth succeeded but no known type!", result.keys())
|
||||||
|
raise SynapseError(500, "", Codes.UNKNOWN)
|
||||||
|
|
||||||
|
# FIXME: Theoretically there is a race here wherein user resets password
|
||||||
|
# using threepid.
|
||||||
|
yield self.store.user_delete_access_tokens(user_id)
|
||||||
|
yield self.store.user_delete_threepids(user_id)
|
||||||
|
yield self.store.user_set_password_hash(user_id, None)
|
||||||
|
|
||||||
|
defer.returnValue((200, {}))
|
||||||
|
|
||||||
|
|
||||||
class ThreepidRequestTokenRestServlet(RestServlet):
|
class ThreepidRequestTokenRestServlet(RestServlet):
|
||||||
PATTERNS = client_v2_patterns("/account/3pid/email/requestToken$")
|
PATTERNS = client_v2_patterns("/account/3pid/email/requestToken$")
|
||||||
|
|
||||||
@ -223,5 +266,6 @@ class ThreepidRestServlet(RestServlet):
|
|||||||
def register_servlets(hs, http_server):
|
def register_servlets(hs, http_server):
|
||||||
PasswordRequestTokenRestServlet(hs).register(http_server)
|
PasswordRequestTokenRestServlet(hs).register(http_server)
|
||||||
PasswordRestServlet(hs).register(http_server)
|
PasswordRestServlet(hs).register(http_server)
|
||||||
|
DeactivateAccountRestServlet(hs).register(http_server)
|
||||||
ThreepidRequestTokenRestServlet(hs).register(http_server)
|
ThreepidRequestTokenRestServlet(hs).register(http_server)
|
||||||
ThreepidRestServlet(hs).register(http_server)
|
ThreepidRestServlet(hs).register(http_server)
|
||||||
|
Loading…
Reference in New Issue
Block a user