gitlord
/
synapse
mirror da https://github.com/matrix-org/synapse.git
1
0
Forka 0
Codice Problemi 0 Rilasci 671 Wiki Attività
Non puoi selezionare più di 25 argomenti Gli argomenti devono iniziare con una lettera o un numero, possono includere trattini ('-') e possono essere lunghi fino a 35 caratteri.
20893 Commit
842 Rami (Branch)
604 MiB
 
 
 
 
 
 
Albero (Tree): 493c2fc44a
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da '493c2fc44a'
${ noResults }
synapse/synapse/config/registration.py

226 righe
10 KiB
Originale Blame Cronologia 

  1. # Copyright 2015, 2016 OpenMarket Ltd

  2. # Copyright 2021 The Matrix.org Foundation C.I.C.

  3. #

  4. # Licensed under the Apache License, Version 2.0 (the "License");

  5. # you may not use this file except in compliance with the License.

  6. # You may obtain a copy of the License at

  7. #

  8. #     http://www.apache.org/licenses/LICENSE-2.0

  9. #

  10. # Unless required by applicable law or agreed to in writing, software

  11. # distributed under the License is distributed on an "AS IS" BASIS,

  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. # See the License for the specific language governing permissions and

  14. # limitations under the License.

  15. import argparse

  16. from typing import Any, Optional

  17. 

  18. from synapse.api.constants import RoomCreationPreset

  19. from synapse.config._base import Config, ConfigError

  20. from synapse.types import JsonDict, RoomAlias, UserID

  21. from synapse.util.stringutils import random_string_with_symbols, strtobool

  22. 

  23. 

  24. class RegistrationConfig(Config):

  25.     section = "registration"

  26. 

  27.     def read_config(self, config: JsonDict, **kwargs: Any) -> None:

  28.         self.enable_registration = strtobool(

  29.             str(config.get("enable_registration", False))

  30.         )

  31.         if "disable_registration" in config:

  32.             self.enable_registration = not strtobool(

  33.                 str(config["disable_registration"])

  34.             )

  35. 

  36.         self.enable_registration_without_verification = strtobool(

  37.             str(config.get("enable_registration_without_verification", False))

  38.         )

  39. 

  40.         self.registrations_require_3pid = config.get("registrations_require_3pid", [])

  41.         self.allowed_local_3pids = config.get("allowed_local_3pids", [])

  42.         self.enable_3pid_lookup = config.get("enable_3pid_lookup", True)

  43.         self.registration_requires_token = config.get(

  44.             "registration_requires_token", False

  45.         )

  46.         self.enable_registration_token_3pid_bypass = config.get(

  47.             "enable_registration_token_3pid_bypass", False

  48.         )

  49.         self.registration_shared_secret = config.get("registration_shared_secret")

  50. 

  51.         self.bcrypt_rounds = config.get("bcrypt_rounds", 12)

  52. 

  53.         account_threepid_delegates = config.get("account_threepid_delegates") or {}

  54.         self.account_threepid_delegate_email = account_threepid_delegates.get("email")

  55.         self.account_threepid_delegate_msisdn = account_threepid_delegates.get("msisdn")

  56.         self.default_identity_server = config.get("default_identity_server")

  57.         self.allow_guest_access = config.get("allow_guest_access", False)

  58. 

  59.         if config.get("invite_3pid_guest", False):

  60.             raise ConfigError("invite_3pid_guest is no longer supported")

  61. 

  62.         self.auto_join_rooms = config.get("auto_join_rooms", [])

  63.         for room_alias in self.auto_join_rooms:

  64.             if not RoomAlias.is_valid(room_alias):

  65.                 raise ConfigError("Invalid auto_join_rooms entry %s" % (room_alias,))

  66. 

  67.         # Options for creating auto-join rooms if they do not exist yet.

  68.         self.autocreate_auto_join_rooms = config.get("autocreate_auto_join_rooms", True)

  69.         self.autocreate_auto_join_rooms_federated = config.get(

  70.             "autocreate_auto_join_rooms_federated", True

  71.         )

  72.         self.autocreate_auto_join_room_preset = (

  73.             config.get("autocreate_auto_join_room_preset")

  74.             or RoomCreationPreset.PUBLIC_CHAT

  75.         )

  76.         self.auto_join_room_requires_invite = self.autocreate_auto_join_room_preset in {

  77.             RoomCreationPreset.PRIVATE_CHAT,

  78.             RoomCreationPreset.TRUSTED_PRIVATE_CHAT,

  79.         }

  80. 

  81.         # Pull the creator/inviter from the configuration, this gets used to

  82.         # send invites for invite-only rooms.

  83.         mxid_localpart = config.get("auto_join_mxid_localpart")

  84.         self.auto_join_user_id = None

  85.         if mxid_localpart:

  86.             # Convert the localpart to a full mxid.

  87.             self.auto_join_user_id = UserID(

  88.                 mxid_localpart, self.root.server.server_name

  89.             ).to_string()

  90. 

  91.         if self.autocreate_auto_join_rooms:

  92.             # Ensure the preset is a known value.

  93.             if self.autocreate_auto_join_room_preset not in {

  94.                 RoomCreationPreset.PUBLIC_CHAT,

  95.                 RoomCreationPreset.PRIVATE_CHAT,

  96.                 RoomCreationPreset.TRUSTED_PRIVATE_CHAT,

  97.             }:

  98.                 raise ConfigError("Invalid value for autocreate_auto_join_room_preset")

  99.             # If the preset requires invitations to be sent, ensure there's a

  100.             # configured user to send them from.

  101.             if self.auto_join_room_requires_invite:

  102.                 if not mxid_localpart:

  103.                     raise ConfigError(

  104.                         "The configuration option `auto_join_mxid_localpart` is required if "

  105.                         "`autocreate_auto_join_room_preset` is set to private_chat or trusted_private_chat, such that "

  106.                         "Synapse knows who to send invitations from. Please "

  107.                         "configure `auto_join_mxid_localpart`."

  108.                     )

  109. 

  110.         self.auto_join_rooms_for_guests = config.get("auto_join_rooms_for_guests", True)

  111. 

  112.         self.enable_set_displayname = config.get("enable_set_displayname", True)

  113.         self.enable_set_avatar_url = config.get("enable_set_avatar_url", True)

  114.         self.enable_3pid_changes = config.get("enable_3pid_changes", True)

  115. 

  116.         self.disable_msisdn_registration = config.get(

  117.             "disable_msisdn_registration", False

  118.         )

  119. 

  120.         session_lifetime = config.get("session_lifetime")

  121.         if session_lifetime is not None:

  122.             session_lifetime = self.parse_duration(session_lifetime)

  123.         self.session_lifetime = session_lifetime

  124. 

  125.         # The `refreshable_access_token_lifetime` applies for tokens that can be renewed

  126.         # using a refresh token, as per MSC2918.

  127.         # If it is `None`, the refresh token mechanism is disabled.

  128.         refreshable_access_token_lifetime = config.get(

  129.             "refreshable_access_token_lifetime",

  130.             "5m",

  131.         )

  132.         if refreshable_access_token_lifetime is not None:

  133.             refreshable_access_token_lifetime = self.parse_duration(

  134.                 refreshable_access_token_lifetime

  135.             )

  136.         self.refreshable_access_token_lifetime: Optional[

  137.             int

  138.         ] = refreshable_access_token_lifetime

  139. 

  140.         if (

  141.             self.session_lifetime is not None

  142.             and "refreshable_access_token_lifetime" in config

  143.         ):

  144.             if self.session_lifetime < self.refreshable_access_token_lifetime:

  145.                 raise ConfigError(

  146.                     "Both `session_lifetime` and `refreshable_access_token_lifetime` "

  147.                     "configuration options have been set, but `refreshable_access_token_lifetime` "

  148.                     " exceeds `session_lifetime`!"

  149.                 )

  150. 

  151.         # The `nonrefreshable_access_token_lifetime` applies for tokens that can NOT be

  152.         # refreshed using a refresh token.

  153.         # If it is None, then these tokens last for the entire length of the session,

  154.         # which is infinite by default.

  155.         # The intention behind this configuration option is to help with requiring

  156.         # all clients to use refresh tokens, if the homeserver administrator requires.

  157.         nonrefreshable_access_token_lifetime = config.get(

  158.             "nonrefreshable_access_token_lifetime",

  159.             None,

  160.         )

  161.         if nonrefreshable_access_token_lifetime is not None:

  162.             nonrefreshable_access_token_lifetime = self.parse_duration(

  163.                 nonrefreshable_access_token_lifetime

  164.             )

  165.         self.nonrefreshable_access_token_lifetime = nonrefreshable_access_token_lifetime

  166. 

  167.         if (

  168.             self.session_lifetime is not None

  169.             and self.nonrefreshable_access_token_lifetime is not None

  170.         ):

  171.             if self.session_lifetime < self.nonrefreshable_access_token_lifetime:

  172.                 raise ConfigError(

  173.                     "Both `session_lifetime` and `nonrefreshable_access_token_lifetime` "

  174.                     "configuration options have been set, but `nonrefreshable_access_token_lifetime` "

  175.                     " exceeds `session_lifetime`!"

  176.                 )

  177. 

  178.         refresh_token_lifetime = config.get("refresh_token_lifetime")

  179.         if refresh_token_lifetime is not None:

  180.             refresh_token_lifetime = self.parse_duration(refresh_token_lifetime)

  181.         self.refresh_token_lifetime: Optional[int] = refresh_token_lifetime

  182. 

  183.         if (

  184.             self.session_lifetime is not None

  185.             and self.refresh_token_lifetime is not None

  186.         ):

  187.             if self.session_lifetime < self.refresh_token_lifetime:

  188.                 raise ConfigError(

  189.                     "Both `session_lifetime` and `refresh_token_lifetime` "

  190.                     "configuration options have been set, but `refresh_token_lifetime` "

  191.                     " exceeds `session_lifetime`!"

  192.                 )

  193. 

  194.         # The fallback template used for authenticating using a registration token

  195.         self.registration_token_template = self.read_template("registration_token.html")

  196. 

  197.         # The success template used during fallback auth.

  198.         self.fallback_success_template = self.read_template("auth_success.html")

  199. 

  200.         self.inhibit_user_in_use_error = config.get("inhibit_user_in_use_error", False)

  201. 

  202.     def generate_config_section(

  203.         self, generate_secrets: bool = False, **kwargs: Any

  204.     ) -> str:

  205.         if generate_secrets:

  206.             registration_shared_secret = 'registration_shared_secret: "%s"' % (

  207.                 random_string_with_symbols(50),

  208.             )

  209.             return registration_shared_secret

  210.         else:

  211.             return ""

  212. 

  213.     @staticmethod

  214.     def add_arguments(parser: argparse.ArgumentParser) -> None:

  215.         reg_group = parser.add_argument_group("registration")

  216.         reg_group.add_argument(

  217.             "--enable-registration",

  218.             action="store_true",

  219.             default=None,

  220.             help="Enable registration for new users.",

  221.         )

  222. 

  223.     def read_arguments(self, args: argparse.Namespace) -> None:

  224.         if args.enable_registration is not None:

  225.             self.enable_registration = strtobool(str(args.enable_registration))