Add back in support for remembering parameters submitted to a user-interactive auth call.

This commit is contained in:
David Baker 2015-07-15 19:28:03 +01:00
parent 8cedf3ce95
commit 4da05fa0ae
2 changed files with 13 additions and 4 deletions

View File

@ -85,8 +85,10 @@ class AuthHandler(BaseHandler):
# email auth link on there). It's probably too open to abuse # email auth link on there). It's probably too open to abuse
# because it lets unauthenticated clients store arbitrary objects # because it lets unauthenticated clients store arbitrary objects
# on a home server. # on a home server.
# sess['clientdict'] = clientdict # Revisit: Assumimg the REST APIs do sensible validation, the data
# self._save_session(sess) # isn't arbintrary.
sess['clientdict'] = clientdict
self._save_session(sess)
pass pass
elif 'clientdict' in sess: elif 'clientdict' in sess:
clientdict = sess['clientdict'] clientdict = sess['clientdict']

View File

@ -57,10 +57,17 @@ class RegisterRestServlet(RestServlet):
yield run_on_reactor() yield run_on_reactor()
body = parse_request_allow_empty(request) body = parse_request_allow_empty(request)
if 'password' not in body: # we do basic sanity checks here because the auth layerwill store these in sessions
raise SynapseError(400, "", Codes.MISSING_PARAM) if 'password' in body:
print "%r" % (body['password'])
if (not isinstance(body['password'], str) and
not isinstance(body['password'], unicode)) or len(body['password']) > 512:
raise SynapseError(400, "Invalid password")
if 'username' in body: if 'username' in body:
if (not isinstance(body['username'], str) and
not isinstance(body['username'], unicode)) or len(body['username']) > 512:
raise SynapseError(400, "Invalid username")
desired_username = body['username'] desired_username = body['username']
yield self.registration_handler.check_username(desired_username) yield self.registration_handler.check_username(desired_username)