mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-11 19:54:24 -05:00
Kill off HomeServer.get_ip_from_request()
(#9080)
Homeserver.get_ip_from_request() used to be a bit more complicated, but now it is totally redundant. Let's get rid of it.
This commit is contained in:
parent
2ec8ca5e60
commit
0f8945e166
1
changelog.d/9080.misc
Normal file
1
changelog.d/9080.misc
Normal file
@ -0,0 +1 @@
|
||||
Remove redundant `Homeserver.get_ip_from_request` method.
|
@ -187,7 +187,7 @@ class Auth:
|
||||
AuthError if access is denied for the user in the access token
|
||||
"""
|
||||
try:
|
||||
ip_addr = self.hs.get_ip_from_request(request)
|
||||
ip_addr = request.getClientIP()
|
||||
user_agent = get_request_user_agent(request)
|
||||
|
||||
access_token = self.get_access_token_from_request(request)
|
||||
@ -276,7 +276,7 @@ class Auth:
|
||||
return None, None
|
||||
|
||||
if app_service.ip_range_whitelist:
|
||||
ip_address = IPAddress(self.hs.get_ip_from_request(request))
|
||||
ip_address = IPAddress(request.getClientIP())
|
||||
if ip_address not in app_service.ip_range_whitelist:
|
||||
return None, None
|
||||
|
||||
|
@ -284,7 +284,6 @@ class AuthHandler(BaseHandler):
|
||||
requester: Requester,
|
||||
request: SynapseRequest,
|
||||
request_body: Dict[str, Any],
|
||||
clientip: str,
|
||||
description: str,
|
||||
) -> Tuple[dict, Optional[str]]:
|
||||
"""
|
||||
@ -301,8 +300,6 @@ class AuthHandler(BaseHandler):
|
||||
|
||||
request_body: The body of the request sent by the client
|
||||
|
||||
clientip: The IP address of the client.
|
||||
|
||||
description: A human readable string to be displayed to the user that
|
||||
describes the operation happening on their account.
|
||||
|
||||
@ -351,7 +348,7 @@ class AuthHandler(BaseHandler):
|
||||
|
||||
try:
|
||||
result, params, session_id = await self.check_ui_auth(
|
||||
flows, request, request_body, clientip, description
|
||||
flows, request, request_body, description
|
||||
)
|
||||
except LoginError:
|
||||
# Update the ratelimiter to say we failed (`can_do_action` doesn't raise).
|
||||
@ -426,7 +423,6 @@ class AuthHandler(BaseHandler):
|
||||
flows: List[List[str]],
|
||||
request: SynapseRequest,
|
||||
clientdict: Dict[str, Any],
|
||||
clientip: str,
|
||||
description: str,
|
||||
) -> Tuple[dict, dict, str]:
|
||||
"""
|
||||
@ -448,8 +444,6 @@ class AuthHandler(BaseHandler):
|
||||
clientdict: The dictionary from the client root level, not the
|
||||
'auth' key: this method prompts for auth if none is sent.
|
||||
|
||||
clientip: The IP address of the client.
|
||||
|
||||
description: A human readable string to be displayed to the user that
|
||||
describes the operation happening on their account.
|
||||
|
||||
@ -540,6 +534,7 @@ class AuthHandler(BaseHandler):
|
||||
await self.store.set_ui_auth_clientdict(sid, clientdict)
|
||||
|
||||
user_agent = get_request_user_agent(request)
|
||||
clientip = request.getClientIP()
|
||||
|
||||
await self.store.add_user_agent_ip_to_ui_auth_session(
|
||||
session.session_id, user_agent, clientip
|
||||
|
@ -189,11 +189,7 @@ class PasswordRestServlet(RestServlet):
|
||||
requester = await self.auth.get_user_by_req(request)
|
||||
try:
|
||||
params, session_id = await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"modify your account password",
|
||||
requester, request, body, "modify your account password",
|
||||
)
|
||||
except InteractiveAuthIncompleteError as e:
|
||||
# The user needs to provide more steps to complete auth, but
|
||||
@ -215,7 +211,6 @@ class PasswordRestServlet(RestServlet):
|
||||
[[LoginType.EMAIL_IDENTITY]],
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"modify your account password",
|
||||
)
|
||||
except InteractiveAuthIncompleteError as e:
|
||||
@ -309,11 +304,7 @@ class DeactivateAccountRestServlet(RestServlet):
|
||||
return 200, {}
|
||||
|
||||
await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"deactivate your account",
|
||||
requester, request, body, "deactivate your account",
|
||||
)
|
||||
result = await self._deactivate_account_handler.deactivate_account(
|
||||
requester.user.to_string(), erase, id_server=body.get("id_server")
|
||||
@ -695,11 +686,7 @@ class ThreepidAddRestServlet(RestServlet):
|
||||
assert_valid_client_secret(client_secret)
|
||||
|
||||
await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"add a third-party identifier to your account",
|
||||
requester, request, body, "add a third-party identifier to your account",
|
||||
)
|
||||
|
||||
validation_session = await self.identity_handler.validate_threepid_session(
|
||||
|
@ -128,7 +128,7 @@ class AuthRestServlet(RestServlet):
|
||||
authdict = {"response": response, "session": session}
|
||||
|
||||
success = await self.auth_handler.add_oob_auth(
|
||||
LoginType.RECAPTCHA, authdict, self.hs.get_ip_from_request(request)
|
||||
LoginType.RECAPTCHA, authdict, request.getClientIP()
|
||||
)
|
||||
|
||||
if success:
|
||||
@ -144,7 +144,7 @@ class AuthRestServlet(RestServlet):
|
||||
authdict = {"session": session}
|
||||
|
||||
success = await self.auth_handler.add_oob_auth(
|
||||
LoginType.TERMS, authdict, self.hs.get_ip_from_request(request)
|
||||
LoginType.TERMS, authdict, request.getClientIP()
|
||||
)
|
||||
|
||||
if success:
|
||||
|
@ -83,11 +83,7 @@ class DeleteDevicesRestServlet(RestServlet):
|
||||
assert_params_in_dict(body, ["devices"])
|
||||
|
||||
await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"remove device(s) from your account",
|
||||
requester, request, body, "remove device(s) from your account",
|
||||
)
|
||||
|
||||
await self.device_handler.delete_devices(
|
||||
@ -133,11 +129,7 @@ class DeviceRestServlet(RestServlet):
|
||||
raise
|
||||
|
||||
await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"remove a device from your account",
|
||||
requester, request, body, "remove a device from your account",
|
||||
)
|
||||
|
||||
await self.device_handler.delete_device(requester.user.to_string(), device_id)
|
||||
|
@ -271,11 +271,7 @@ class SigningKeyUploadServlet(RestServlet):
|
||||
body = parse_json_object_from_request(request)
|
||||
|
||||
await self.auth_handler.validate_user_via_ui_auth(
|
||||
requester,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"add a device signing key to your account",
|
||||
requester, request, body, "add a device signing key to your account",
|
||||
)
|
||||
|
||||
result = await self.e2e_keys_handler.upload_signing_keys_for_user(user_id, body)
|
||||
|
@ -353,7 +353,7 @@ class UsernameAvailabilityRestServlet(RestServlet):
|
||||
403, "Registration has been disabled", errcode=Codes.FORBIDDEN
|
||||
)
|
||||
|
||||
ip = self.hs.get_ip_from_request(request)
|
||||
ip = request.getClientIP()
|
||||
with self.ratelimiter.ratelimit(ip) as wait_deferred:
|
||||
await wait_deferred
|
||||
|
||||
@ -513,11 +513,7 @@ class RegisterRestServlet(RestServlet):
|
||||
# not this will raise a user-interactive auth error.
|
||||
try:
|
||||
auth_result, params, session_id = await self.auth_handler.check_ui_auth(
|
||||
self._registration_flows,
|
||||
request,
|
||||
body,
|
||||
self.hs.get_ip_from_request(request),
|
||||
"register a new account",
|
||||
self._registration_flows, request, body, "register a new account",
|
||||
)
|
||||
except InteractiveAuthIncompleteError as e:
|
||||
# The user needs to provide more steps to complete auth.
|
||||
|
@ -283,10 +283,6 @@ class HomeServer(metaclass=abc.ABCMeta):
|
||||
"""
|
||||
return self._reactor
|
||||
|
||||
def get_ip_from_request(self, request) -> str:
|
||||
# X-Forwarded-For is handled by our custom request type.
|
||||
return request.getClientIP()
|
||||
|
||||
def is_mine(self, domain_specific_string: DomainSpecificString) -> bool:
|
||||
return domain_specific_string.domain == self.hostname
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user