mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-18 00:04:23 -05:00
Merge pull request #5187 from matrix-org/dbkr/only_check_threepid_not_in_use_if_actually_registering
Only check 3pids not in use when registering
This commit is contained in:
commit
fafb936de5
1
changelog.d/5187.bugfix
Normal file
1
changelog.d/5187.bugfix
Normal file
@ -0,0 +1 @@
|
||||
Fix a bug where the register endpoint would fail with M_THREEPID_IN_USE instead of returning an account previously registered in the same session.
|
@ -394,13 +394,6 @@ class RegisterRestServlet(RestServlet):
|
||||
# the user-facing checks will probably already have happened in
|
||||
# /register/email/requestToken when we requested a 3pid, but that's not
|
||||
# guaranteed.
|
||||
#
|
||||
# Also check that we're not trying to register a 3pid that's already
|
||||
# been registered.
|
||||
#
|
||||
# This has probably happened in /register/email/requestToken as well,
|
||||
# but if a user hits this endpoint twice then clicks on each link from
|
||||
# the two activation emails, they would register the same 3pid twice.
|
||||
|
||||
if auth_result:
|
||||
for login_type in [LoginType.EMAIL_IDENTITY, LoginType.MSISDN]:
|
||||
@ -416,17 +409,6 @@ class RegisterRestServlet(RestServlet):
|
||||
Codes.THREEPID_DENIED,
|
||||
)
|
||||
|
||||
existingUid = yield self.store.get_user_id_by_threepid(
|
||||
medium, address,
|
||||
)
|
||||
|
||||
if existingUid is not None:
|
||||
raise SynapseError(
|
||||
400,
|
||||
"%s is already in use" % medium,
|
||||
Codes.THREEPID_IN_USE,
|
||||
)
|
||||
|
||||
if registered_user_id is not None:
|
||||
logger.info(
|
||||
"Already registered user ID %r for this session",
|
||||
@ -449,6 +431,28 @@ class RegisterRestServlet(RestServlet):
|
||||
if auth_result:
|
||||
threepid = auth_result.get(LoginType.EMAIL_IDENTITY)
|
||||
|
||||
# Also check that we're not trying to register a 3pid that's already
|
||||
# been registered.
|
||||
#
|
||||
# This has probably happened in /register/email/requestToken as well,
|
||||
# but if a user hits this endpoint twice then clicks on each link from
|
||||
# the two activation emails, they would register the same 3pid twice.
|
||||
for login_type in [LoginType.EMAIL_IDENTITY, LoginType.MSISDN]:
|
||||
if login_type in auth_result:
|
||||
medium = auth_result[login_type]['medium']
|
||||
address = auth_result[login_type]['address']
|
||||
|
||||
existingUid = yield self.store.get_user_id_by_threepid(
|
||||
medium, address,
|
||||
)
|
||||
|
||||
if existingUid is not None:
|
||||
raise SynapseError(
|
||||
400,
|
||||
"%s is already in use" % medium,
|
||||
Codes.THREEPID_IN_USE,
|
||||
)
|
||||
|
||||
(registered_user_id, _) = yield self.registration_handler.register(
|
||||
localpart=desired_username,
|
||||
password=new_password,
|
||||
|
Loading…
Reference in New Issue
Block a user