mirror of
https://github.com/1f349/dendrite.git
synced 2024-11-25 21:21:35 +00:00
Make userapi control account creation entirely (#1139)
This makes a chokepoint with which we can finally fix 'database is locked' errors on sqlite during account creation
This commit is contained in:
parent
04c99092a4
commit
a66a3b830c
@ -110,6 +110,7 @@ func generateAppServiceAccount(
|
|||||||
) error {
|
) error {
|
||||||
var accRes userapi.PerformAccountCreationResponse
|
var accRes userapi.PerformAccountCreationResponse
|
||||||
err := userAPI.PerformAccountCreation(context.Background(), &userapi.PerformAccountCreationRequest{
|
err := userAPI.PerformAccountCreation(context.Background(), &userapi.PerformAccountCreationRequest{
|
||||||
|
AccountType: userapi.AccountTypeUser,
|
||||||
Localpart: as.SenderLocalpart,
|
Localpart: as.SenderLocalpart,
|
||||||
AppServiceID: as.ID,
|
AppServiceID: as.ID,
|
||||||
OnConflict: userapi.ConflictUpdate,
|
OnConflict: userapi.ConflictUpdate,
|
||||||
|
@ -23,7 +23,6 @@ import (
|
|||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
||||||
"github.com/matrix-org/dendrite/userapi/api"
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/util"
|
"github.com/matrix-org/util"
|
||||||
@ -42,7 +41,7 @@ type DeviceDatabase interface {
|
|||||||
// AccountDatabase represents an account database.
|
// AccountDatabase represents an account database.
|
||||||
type AccountDatabase interface {
|
type AccountDatabase interface {
|
||||||
// Look up the account matching the given localpart.
|
// Look up the account matching the given localpart.
|
||||||
GetAccountByLocalpart(ctx context.Context, localpart string) (*authtypes.Account, error)
|
GetAccountByLocalpart(ctx context.Context, localpart string) (*api.Account, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// VerifyUserFromRequest authenticates the HTTP request,
|
// VerifyUserFromRequest authenticates the HTTP request,
|
||||||
|
@ -1,31 +0,0 @@
|
|||||||
// Copyright 2017 Vector Creations Ltd
|
|
||||||
//
|
|
||||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
// you may not use this file except in compliance with the License.
|
|
||||||
// You may obtain a copy of the License at
|
|
||||||
//
|
|
||||||
// http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
//
|
|
||||||
// Unless required by applicable law or agreed to in writing, software
|
|
||||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
// See the License for the specific language governing permissions and
|
|
||||||
// limitations under the License.
|
|
||||||
|
|
||||||
package authtypes
|
|
||||||
|
|
||||||
import (
|
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
|
||||||
)
|
|
||||||
|
|
||||||
// Account represents a Matrix account on this home server.
|
|
||||||
type Account struct {
|
|
||||||
UserID string
|
|
||||||
Localpart string
|
|
||||||
ServerName gomatrixserverlib.ServerName
|
|
||||||
Profile *Profile
|
|
||||||
AppServiceID string
|
|
||||||
// TODO: Other flags like IsAdmin, IsGuest
|
|
||||||
// TODO: Devices
|
|
||||||
// TODO: Associations (e.g. with application services)
|
|
||||||
}
|
|
@ -20,20 +20,21 @@ import (
|
|||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||||
"github.com/matrix-org/dendrite/internal"
|
"github.com/matrix-org/dendrite/internal"
|
||||||
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Database interface {
|
type Database interface {
|
||||||
internal.PartitionStorer
|
internal.PartitionStorer
|
||||||
GetAccountByPassword(ctx context.Context, localpart, plaintextPassword string) (*authtypes.Account, error)
|
GetAccountByPassword(ctx context.Context, localpart, plaintextPassword string) (*api.Account, error)
|
||||||
GetProfileByLocalpart(ctx context.Context, localpart string) (*authtypes.Profile, error)
|
GetProfileByLocalpart(ctx context.Context, localpart string) (*authtypes.Profile, error)
|
||||||
SetAvatarURL(ctx context.Context, localpart string, avatarURL string) error
|
SetAvatarURL(ctx context.Context, localpart string, avatarURL string) error
|
||||||
SetDisplayName(ctx context.Context, localpart string, displayName string) error
|
SetDisplayName(ctx context.Context, localpart string, displayName string) error
|
||||||
// CreateAccount makes a new account with the given login name and password, and creates an empty profile
|
// CreateAccount makes a new account with the given login name and password, and creates an empty profile
|
||||||
// for this account. If no password is supplied, the account will be a passwordless account. If the
|
// for this account. If no password is supplied, the account will be a passwordless account. If the
|
||||||
// account already exists, it will return nil, ErrUserExists.
|
// account already exists, it will return nil, ErrUserExists.
|
||||||
CreateAccount(ctx context.Context, localpart, plaintextPassword, appserviceID string) (*authtypes.Account, error)
|
CreateAccount(ctx context.Context, localpart, plaintextPassword, appserviceID string) (*api.Account, error)
|
||||||
CreateGuestAccount(ctx context.Context) (*authtypes.Account, error)
|
CreateGuestAccount(ctx context.Context) (*api.Account, error)
|
||||||
UpdateMemberships(ctx context.Context, eventsToAdd []gomatrixserverlib.Event, idsToRemove []string) error
|
UpdateMemberships(ctx context.Context, eventsToAdd []gomatrixserverlib.Event, idsToRemove []string) error
|
||||||
GetMembershipInRoomByLocalpart(ctx context.Context, localpart, roomID string) (authtypes.Membership, error)
|
GetMembershipInRoomByLocalpart(ctx context.Context, localpart, roomID string) (authtypes.Membership, error)
|
||||||
GetRoomIDsByLocalPart(ctx context.Context, localpart string) ([]string, error)
|
GetRoomIDsByLocalPart(ctx context.Context, localpart string) ([]string, error)
|
||||||
@ -53,7 +54,7 @@ type Database interface {
|
|||||||
GetFilter(ctx context.Context, localpart string, filterID string) (*gomatrixserverlib.Filter, error)
|
GetFilter(ctx context.Context, localpart string, filterID string) (*gomatrixserverlib.Filter, error)
|
||||||
PutFilter(ctx context.Context, localpart string, filter *gomatrixserverlib.Filter) (string, error)
|
PutFilter(ctx context.Context, localpart string, filter *gomatrixserverlib.Filter) (string, error)
|
||||||
CheckAccountAvailability(ctx context.Context, localpart string) (bool, error)
|
CheckAccountAvailability(ctx context.Context, localpart string) (bool, error)
|
||||||
GetAccountByLocalpart(ctx context.Context, localpart string) (*authtypes.Account, error)
|
GetAccountByLocalpart(ctx context.Context, localpart string) (*api.Account, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Err3PIDInUse is the error returned when trying to save an association involving
|
// Err3PIDInUse is the error returned when trying to save an association involving
|
||||||
|
@ -19,8 +19,8 @@ import (
|
|||||||
"database/sql"
|
"database/sql"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/userutil"
|
"github.com/matrix-org/dendrite/clientapi/userutil"
|
||||||
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
|
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
@ -92,7 +92,7 @@ func (s *accountsStatements) prepare(db *sql.DB, server gomatrixserverlib.Server
|
|||||||
// on success.
|
// on success.
|
||||||
func (s *accountsStatements) insertAccount(
|
func (s *accountsStatements) insertAccount(
|
||||||
ctx context.Context, txn *sql.Tx, localpart, hash, appserviceID string,
|
ctx context.Context, txn *sql.Tx, localpart, hash, appserviceID string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
createdTimeMS := time.Now().UnixNano() / 1000000
|
createdTimeMS := time.Now().UnixNano() / 1000000
|
||||||
stmt := txn.Stmt(s.insertAccountStmt)
|
stmt := txn.Stmt(s.insertAccountStmt)
|
||||||
|
|
||||||
@ -106,7 +106,7 @@ func (s *accountsStatements) insertAccount(
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return &authtypes.Account{
|
return &api.Account{
|
||||||
Localpart: localpart,
|
Localpart: localpart,
|
||||||
UserID: userutil.MakeUserID(localpart, s.serverName),
|
UserID: userutil.MakeUserID(localpart, s.serverName),
|
||||||
ServerName: s.serverName,
|
ServerName: s.serverName,
|
||||||
@ -123,9 +123,9 @@ func (s *accountsStatements) selectPasswordHash(
|
|||||||
|
|
||||||
func (s *accountsStatements) selectAccountByLocalpart(
|
func (s *accountsStatements) selectAccountByLocalpart(
|
||||||
ctx context.Context, localpart string,
|
ctx context.Context, localpart string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
var appserviceIDPtr sql.NullString
|
var appserviceIDPtr sql.NullString
|
||||||
var acc authtypes.Account
|
var acc api.Account
|
||||||
|
|
||||||
stmt := s.selectAccountByLocalpartStmt
|
stmt := s.selectAccountByLocalpartStmt
|
||||||
err := stmt.QueryRowContext(ctx, localpart).Scan(&acc.Localpart, &appserviceIDPtr)
|
err := stmt.QueryRowContext(ctx, localpart).Scan(&acc.Localpart, &appserviceIDPtr)
|
||||||
|
@ -22,6 +22,7 @@ import (
|
|||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||||
"github.com/matrix-org/dendrite/internal/sqlutil"
|
"github.com/matrix-org/dendrite/internal/sqlutil"
|
||||||
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
"golang.org/x/crypto/bcrypt"
|
"golang.org/x/crypto/bcrypt"
|
||||||
|
|
||||||
@ -84,7 +85,7 @@ func NewDatabase(dataSourceName string, dbProperties sqlutil.DbProperties, serve
|
|||||||
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
||||||
func (d *Database) GetAccountByPassword(
|
func (d *Database) GetAccountByPassword(
|
||||||
ctx context.Context, localpart, plaintextPassword string,
|
ctx context.Context, localpart, plaintextPassword string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
hash, err := d.accounts.selectPasswordHash(ctx, localpart)
|
hash, err := d.accounts.selectPasswordHash(ctx, localpart)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -121,7 +122,7 @@ func (d *Database) SetDisplayName(
|
|||||||
|
|
||||||
// CreateGuestAccount makes a new guest account and creates an empty profile
|
// CreateGuestAccount makes a new guest account and creates an empty profile
|
||||||
// for this account.
|
// for this account.
|
||||||
func (d *Database) CreateGuestAccount(ctx context.Context) (acc *authtypes.Account, err error) {
|
func (d *Database) CreateGuestAccount(ctx context.Context) (acc *api.Account, err error) {
|
||||||
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
||||||
var numLocalpart int64
|
var numLocalpart int64
|
||||||
numLocalpart, err = d.accounts.selectNewNumericLocalpart(ctx, txn)
|
numLocalpart, err = d.accounts.selectNewNumericLocalpart(ctx, txn)
|
||||||
@ -140,7 +141,7 @@ func (d *Database) CreateGuestAccount(ctx context.Context) (acc *authtypes.Accou
|
|||||||
// account already exists, it will return nil, sqlutil.ErrUserExists.
|
// account already exists, it will return nil, sqlutil.ErrUserExists.
|
||||||
func (d *Database) CreateAccount(
|
func (d *Database) CreateAccount(
|
||||||
ctx context.Context, localpart, plaintextPassword, appserviceID string,
|
ctx context.Context, localpart, plaintextPassword, appserviceID string,
|
||||||
) (acc *authtypes.Account, err error) {
|
) (acc *api.Account, err error) {
|
||||||
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
||||||
acc, err = d.createAccount(ctx, txn, localpart, plaintextPassword, appserviceID)
|
acc, err = d.createAccount(ctx, txn, localpart, plaintextPassword, appserviceID)
|
||||||
return err
|
return err
|
||||||
@ -150,7 +151,7 @@ func (d *Database) CreateAccount(
|
|||||||
|
|
||||||
func (d *Database) createAccount(
|
func (d *Database) createAccount(
|
||||||
ctx context.Context, txn *sql.Tx, localpart, plaintextPassword, appserviceID string,
|
ctx context.Context, txn *sql.Tx, localpart, plaintextPassword, appserviceID string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
// Generate a password hash if this is not a password-less user
|
// Generate a password hash if this is not a password-less user
|
||||||
@ -427,6 +428,6 @@ func (d *Database) CheckAccountAvailability(ctx context.Context, localpart strin
|
|||||||
// This function assumes the request is authenticated or the account data is used only internally.
|
// This function assumes the request is authenticated or the account data is used only internally.
|
||||||
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
||||||
func (d *Database) GetAccountByLocalpart(ctx context.Context, localpart string,
|
func (d *Database) GetAccountByLocalpart(ctx context.Context, localpart string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
return d.accounts.selectAccountByLocalpart(ctx, localpart)
|
return d.accounts.selectAccountByLocalpart(ctx, localpart)
|
||||||
}
|
}
|
||||||
|
@ -19,8 +19,8 @@ import (
|
|||||||
"database/sql"
|
"database/sql"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/userutil"
|
"github.com/matrix-org/dendrite/clientapi/userutil"
|
||||||
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
|
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
@ -90,7 +90,7 @@ func (s *accountsStatements) prepare(db *sql.DB, server gomatrixserverlib.Server
|
|||||||
// on success.
|
// on success.
|
||||||
func (s *accountsStatements) insertAccount(
|
func (s *accountsStatements) insertAccount(
|
||||||
ctx context.Context, txn *sql.Tx, localpart, hash, appserviceID string,
|
ctx context.Context, txn *sql.Tx, localpart, hash, appserviceID string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
createdTimeMS := time.Now().UnixNano() / 1000000
|
createdTimeMS := time.Now().UnixNano() / 1000000
|
||||||
stmt := s.insertAccountStmt
|
stmt := s.insertAccountStmt
|
||||||
|
|
||||||
@ -104,7 +104,7 @@ func (s *accountsStatements) insertAccount(
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return &authtypes.Account{
|
return &api.Account{
|
||||||
Localpart: localpart,
|
Localpart: localpart,
|
||||||
UserID: userutil.MakeUserID(localpart, s.serverName),
|
UserID: userutil.MakeUserID(localpart, s.serverName),
|
||||||
ServerName: s.serverName,
|
ServerName: s.serverName,
|
||||||
@ -121,9 +121,9 @@ func (s *accountsStatements) selectPasswordHash(
|
|||||||
|
|
||||||
func (s *accountsStatements) selectAccountByLocalpart(
|
func (s *accountsStatements) selectAccountByLocalpart(
|
||||||
ctx context.Context, localpart string,
|
ctx context.Context, localpart string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
var appserviceIDPtr sql.NullString
|
var appserviceIDPtr sql.NullString
|
||||||
var acc authtypes.Account
|
var acc api.Account
|
||||||
|
|
||||||
stmt := s.selectAccountByLocalpartStmt
|
stmt := s.selectAccountByLocalpartStmt
|
||||||
err := stmt.QueryRowContext(ctx, localpart).Scan(&acc.Localpart, &appserviceIDPtr)
|
err := stmt.QueryRowContext(ctx, localpart).Scan(&acc.Localpart, &appserviceIDPtr)
|
||||||
|
@ -23,6 +23,7 @@ import (
|
|||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||||
"github.com/matrix-org/dendrite/internal/sqlutil"
|
"github.com/matrix-org/dendrite/internal/sqlutil"
|
||||||
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
"golang.org/x/crypto/bcrypt"
|
"golang.org/x/crypto/bcrypt"
|
||||||
// Import the sqlite3 database driver.
|
// Import the sqlite3 database driver.
|
||||||
@ -89,7 +90,7 @@ func NewDatabase(dataSourceName string, serverName gomatrixserverlib.ServerName)
|
|||||||
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
||||||
func (d *Database) GetAccountByPassword(
|
func (d *Database) GetAccountByPassword(
|
||||||
ctx context.Context, localpart, plaintextPassword string,
|
ctx context.Context, localpart, plaintextPassword string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
hash, err := d.accounts.selectPasswordHash(ctx, localpart)
|
hash, err := d.accounts.selectPasswordHash(ctx, localpart)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -126,7 +127,7 @@ func (d *Database) SetDisplayName(
|
|||||||
|
|
||||||
// CreateGuestAccount makes a new guest account and creates an empty profile
|
// CreateGuestAccount makes a new guest account and creates an empty profile
|
||||||
// for this account.
|
// for this account.
|
||||||
func (d *Database) CreateGuestAccount(ctx context.Context) (acc *authtypes.Account, err error) {
|
func (d *Database) CreateGuestAccount(ctx context.Context) (acc *api.Account, err error) {
|
||||||
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
||||||
// We need to lock so we sequentially create numeric localparts. If we don't, two calls to
|
// We need to lock so we sequentially create numeric localparts. If we don't, two calls to
|
||||||
// this function will cause the same number to be selected and one will fail with 'database is locked'
|
// this function will cause the same number to be selected and one will fail with 'database is locked'
|
||||||
@ -152,7 +153,7 @@ func (d *Database) CreateGuestAccount(ctx context.Context) (acc *authtypes.Accou
|
|||||||
// account already exists, it will return nil, ErrUserExists.
|
// account already exists, it will return nil, ErrUserExists.
|
||||||
func (d *Database) CreateAccount(
|
func (d *Database) CreateAccount(
|
||||||
ctx context.Context, localpart, plaintextPassword, appserviceID string,
|
ctx context.Context, localpart, plaintextPassword, appserviceID string,
|
||||||
) (acc *authtypes.Account, err error) {
|
) (acc *api.Account, err error) {
|
||||||
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
err = sqlutil.WithTransaction(d.db, func(txn *sql.Tx) error {
|
||||||
acc, err = d.createAccount(ctx, txn, localpart, plaintextPassword, appserviceID)
|
acc, err = d.createAccount(ctx, txn, localpart, plaintextPassword, appserviceID)
|
||||||
return err
|
return err
|
||||||
@ -162,7 +163,7 @@ func (d *Database) CreateAccount(
|
|||||||
|
|
||||||
func (d *Database) createAccount(
|
func (d *Database) createAccount(
|
||||||
ctx context.Context, txn *sql.Tx, localpart, plaintextPassword, appserviceID string,
|
ctx context.Context, txn *sql.Tx, localpart, plaintextPassword, appserviceID string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
var err error
|
var err error
|
||||||
// Generate a password hash if this is not a password-less user
|
// Generate a password hash if this is not a password-less user
|
||||||
hash := ""
|
hash := ""
|
||||||
@ -438,6 +439,6 @@ func (d *Database) CheckAccountAvailability(ctx context.Context, localpart strin
|
|||||||
// This function assumes the request is authenticated or the account data is used only internally.
|
// This function assumes the request is authenticated or the account data is used only internally.
|
||||||
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
// Returns sql.ErrNoRows if no account exists which matches the given localpart.
|
||||||
func (d *Database) GetAccountByLocalpart(ctx context.Context, localpart string,
|
func (d *Database) GetAccountByLocalpart(ctx context.Context, localpart string,
|
||||||
) (*authtypes.Account, error) {
|
) (*api.Account, error) {
|
||||||
return d.accounts.selectAccountByLocalpart(ctx, localpart)
|
return d.accounts.selectAccountByLocalpart(ctx, localpart)
|
||||||
}
|
}
|
||||||
|
@ -20,7 +20,6 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth"
|
"github.com/matrix-org/dendrite/clientapi/auth"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/storage/accounts"
|
"github.com/matrix-org/dendrite/clientapi/auth/storage/accounts"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/storage/devices"
|
"github.com/matrix-org/dendrite/clientapi/auth/storage/devices"
|
||||||
"github.com/matrix-org/dendrite/clientapi/httputil"
|
"github.com/matrix-org/dendrite/clientapi/httputil"
|
||||||
@ -81,7 +80,7 @@ func Login(
|
|||||||
}
|
}
|
||||||
} else if req.Method == http.MethodPost {
|
} else if req.Method == http.MethodPost {
|
||||||
var r passwordRequest
|
var r passwordRequest
|
||||||
var acc *authtypes.Account
|
var acc *api.Account
|
||||||
resErr := httputil.UnmarshalJSONRequest(req, &r)
|
resErr := httputil.UnmarshalJSONRequest(req, &r)
|
||||||
if resErr != nil {
|
if resErr != nil {
|
||||||
return *resErr
|
return *resErr
|
||||||
@ -156,7 +155,7 @@ func getDevice(
|
|||||||
ctx context.Context,
|
ctx context.Context,
|
||||||
r passwordRequest,
|
r passwordRequest,
|
||||||
deviceDB devices.Database,
|
deviceDB devices.Database,
|
||||||
acc *authtypes.Account,
|
acc *api.Account,
|
||||||
token string,
|
token string,
|
||||||
) (dev *api.Device, err error) {
|
) (dev *api.Device, err error) {
|
||||||
dev, err = deviceDB.CreateDevice(
|
dev, err = deviceDB.CreateDevice(
|
||||||
|
@ -34,15 +34,14 @@ import (
|
|||||||
|
|
||||||
"github.com/matrix-org/dendrite/internal/config"
|
"github.com/matrix-org/dendrite/internal/config"
|
||||||
"github.com/matrix-org/dendrite/internal/eventutil"
|
"github.com/matrix-org/dendrite/internal/eventutil"
|
||||||
"github.com/matrix-org/dendrite/internal/sqlutil"
|
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth"
|
"github.com/matrix-org/dendrite/clientapi/auth"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/storage/accounts"
|
"github.com/matrix-org/dendrite/clientapi/auth/storage/accounts"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth/storage/devices"
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/httputil"
|
"github.com/matrix-org/dendrite/clientapi/httputil"
|
||||||
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
||||||
"github.com/matrix-org/dendrite/clientapi/userutil"
|
"github.com/matrix-org/dendrite/clientapi/userutil"
|
||||||
|
userapi "github.com/matrix-org/dendrite/userapi/api"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
"github.com/matrix-org/gomatrixserverlib/tokens"
|
"github.com/matrix-org/gomatrixserverlib/tokens"
|
||||||
"github.com/matrix-org/util"
|
"github.com/matrix-org/util"
|
||||||
@ -441,8 +440,8 @@ func validateApplicationService(
|
|||||||
// http://matrix.org/speculator/spec/HEAD/client_server/unstable.html#post-matrix-client-unstable-register
|
// http://matrix.org/speculator/spec/HEAD/client_server/unstable.html#post-matrix-client-unstable-register
|
||||||
func Register(
|
func Register(
|
||||||
req *http.Request,
|
req *http.Request,
|
||||||
|
userAPI userapi.UserInternalAPI,
|
||||||
accountDB accounts.Database,
|
accountDB accounts.Database,
|
||||||
deviceDB devices.Database,
|
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
var r registerRequest
|
var r registerRequest
|
||||||
@ -451,7 +450,7 @@ func Register(
|
|||||||
return *resErr
|
return *resErr
|
||||||
}
|
}
|
||||||
if req.URL.Query().Get("kind") == "guest" {
|
if req.URL.Query().Get("kind") == "guest" {
|
||||||
return handleGuestRegistration(req, r, cfg, accountDB, deviceDB)
|
return handleGuestRegistration(req, r, cfg, userAPI)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Retrieve or generate the sessionID
|
// Retrieve or generate the sessionID
|
||||||
@ -507,17 +506,19 @@ func Register(
|
|||||||
"session_id": r.Auth.Session,
|
"session_id": r.Auth.Session,
|
||||||
}).Info("Processing registration request")
|
}).Info("Processing registration request")
|
||||||
|
|
||||||
return handleRegistrationFlow(req, r, sessionID, cfg, accountDB, deviceDB)
|
return handleRegistrationFlow(req, r, sessionID, cfg, userAPI)
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleGuestRegistration(
|
func handleGuestRegistration(
|
||||||
req *http.Request,
|
req *http.Request,
|
||||||
r registerRequest,
|
r registerRequest,
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
acc, err := accountDB.CreateGuestAccount(req.Context())
|
var res userapi.PerformAccountCreationResponse
|
||||||
|
err := userAPI.PerformAccountCreation(req.Context(), &userapi.PerformAccountCreationRequest{
|
||||||
|
AccountType: userapi.AccountTypeGuest,
|
||||||
|
}, &res)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusInternalServerError,
|
Code: http.StatusInternalServerError,
|
||||||
@ -526,8 +527,8 @@ func handleGuestRegistration(
|
|||||||
}
|
}
|
||||||
token, err := tokens.GenerateLoginToken(tokens.TokenOptions{
|
token, err := tokens.GenerateLoginToken(tokens.TokenOptions{
|
||||||
ServerPrivateKey: cfg.Matrix.PrivateKey.Seed(),
|
ServerPrivateKey: cfg.Matrix.PrivateKey.Seed(),
|
||||||
ServerName: string(acc.ServerName),
|
ServerName: string(res.Account.ServerName),
|
||||||
UserID: acc.UserID,
|
UserID: res.Account.UserID,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -537,7 +538,12 @@ func handleGuestRegistration(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
//we don't allow guests to specify their own device_id
|
//we don't allow guests to specify their own device_id
|
||||||
dev, err := deviceDB.CreateDevice(req.Context(), acc.Localpart, nil, token, r.InitialDisplayName)
|
var devRes userapi.PerformDeviceCreationResponse
|
||||||
|
err = userAPI.PerformDeviceCreation(req.Context(), &userapi.PerformDeviceCreationRequest{
|
||||||
|
Localpart: res.Account.Localpart,
|
||||||
|
DeviceDisplayName: r.InitialDisplayName,
|
||||||
|
AccessToken: token,
|
||||||
|
}, &devRes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusInternalServerError,
|
Code: http.StatusInternalServerError,
|
||||||
@ -547,10 +553,10 @@ func handleGuestRegistration(
|
|||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusOK,
|
Code: http.StatusOK,
|
||||||
JSON: registerResponse{
|
JSON: registerResponse{
|
||||||
UserID: dev.UserID,
|
UserID: devRes.Device.UserID,
|
||||||
AccessToken: dev.AccessToken,
|
AccessToken: devRes.Device.AccessToken,
|
||||||
HomeServer: acc.ServerName,
|
HomeServer: res.Account.ServerName,
|
||||||
DeviceID: dev.ID,
|
DeviceID: devRes.Device.ID,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -563,8 +569,7 @@ func handleRegistrationFlow(
|
|||||||
r registerRequest,
|
r registerRequest,
|
||||||
sessionID string,
|
sessionID string,
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
// TODO: Shared secret registration (create new user scripts)
|
// TODO: Shared secret registration (create new user scripts)
|
||||||
// TODO: Enable registration config flag
|
// TODO: Enable registration config flag
|
||||||
@ -615,7 +620,7 @@ func handleRegistrationFlow(
|
|||||||
// by whether the request contains an access token.
|
// by whether the request contains an access token.
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return handleApplicationServiceRegistration(
|
return handleApplicationServiceRegistration(
|
||||||
accessToken, err, req, r, cfg, accountDB, deviceDB,
|
accessToken, err, req, r, cfg, userAPI,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -626,7 +631,7 @@ func handleRegistrationFlow(
|
|||||||
// don't need a condition on that call since the registration is clearly
|
// don't need a condition on that call since the registration is clearly
|
||||||
// stated as being AS-related.
|
// stated as being AS-related.
|
||||||
return handleApplicationServiceRegistration(
|
return handleApplicationServiceRegistration(
|
||||||
accessToken, err, req, r, cfg, accountDB, deviceDB,
|
accessToken, err, req, r, cfg, userAPI,
|
||||||
)
|
)
|
||||||
|
|
||||||
case authtypes.LoginTypeDummy:
|
case authtypes.LoginTypeDummy:
|
||||||
@ -645,7 +650,7 @@ func handleRegistrationFlow(
|
|||||||
// A response with current registration flow and remaining available methods
|
// A response with current registration flow and remaining available methods
|
||||||
// will be returned if a flow has not been successfully completed yet
|
// will be returned if a flow has not been successfully completed yet
|
||||||
return checkAndCompleteFlow(sessions.GetCompletedStages(sessionID),
|
return checkAndCompleteFlow(sessions.GetCompletedStages(sessionID),
|
||||||
req, r, sessionID, cfg, accountDB, deviceDB)
|
req, r, sessionID, cfg, userAPI)
|
||||||
}
|
}
|
||||||
|
|
||||||
// handleApplicationServiceRegistration handles the registration of an
|
// handleApplicationServiceRegistration handles the registration of an
|
||||||
@ -662,8 +667,7 @@ func handleApplicationServiceRegistration(
|
|||||||
req *http.Request,
|
req *http.Request,
|
||||||
r registerRequest,
|
r registerRequest,
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
// Check if we previously had issues extracting the access token from the
|
// Check if we previously had issues extracting the access token from the
|
||||||
// request.
|
// request.
|
||||||
@ -687,7 +691,7 @@ func handleApplicationServiceRegistration(
|
|||||||
// Don't need to worry about appending to registration stages as
|
// Don't need to worry about appending to registration stages as
|
||||||
// application service registration is entirely separate.
|
// application service registration is entirely separate.
|
||||||
return completeRegistration(
|
return completeRegistration(
|
||||||
req.Context(), accountDB, deviceDB, r.Username, "", appserviceID,
|
req.Context(), userAPI, r.Username, "", appserviceID,
|
||||||
r.InhibitLogin, r.InitialDisplayName, r.DeviceID,
|
r.InhibitLogin, r.InitialDisplayName, r.DeviceID,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
@ -701,13 +705,12 @@ func checkAndCompleteFlow(
|
|||||||
r registerRequest,
|
r registerRequest,
|
||||||
sessionID string,
|
sessionID string,
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
if checkFlowCompleted(flow, cfg.Derived.Registration.Flows) {
|
if checkFlowCompleted(flow, cfg.Derived.Registration.Flows) {
|
||||||
// This flow was completed, registration can continue
|
// This flow was completed, registration can continue
|
||||||
return completeRegistration(
|
return completeRegistration(
|
||||||
req.Context(), accountDB, deviceDB, r.Username, r.Password, "",
|
req.Context(), userAPI, r.Username, r.Password, "",
|
||||||
r.InhibitLogin, r.InitialDisplayName, r.DeviceID,
|
r.InhibitLogin, r.InitialDisplayName, r.DeviceID,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
@ -724,8 +727,7 @@ func checkAndCompleteFlow(
|
|||||||
// LegacyRegister process register requests from the legacy v1 API
|
// LegacyRegister process register requests from the legacy v1 API
|
||||||
func LegacyRegister(
|
func LegacyRegister(
|
||||||
req *http.Request,
|
req *http.Request,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
cfg *config.Dendrite,
|
cfg *config.Dendrite,
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
var r legacyRegisterRequest
|
var r legacyRegisterRequest
|
||||||
@ -760,10 +762,10 @@ func LegacyRegister(
|
|||||||
return util.MessageResponse(http.StatusForbidden, "HMAC incorrect")
|
return util.MessageResponse(http.StatusForbidden, "HMAC incorrect")
|
||||||
}
|
}
|
||||||
|
|
||||||
return completeRegistration(req.Context(), accountDB, deviceDB, r.Username, r.Password, "", false, nil, nil)
|
return completeRegistration(req.Context(), userAPI, r.Username, r.Password, "", false, nil, nil)
|
||||||
case authtypes.LoginTypeDummy:
|
case authtypes.LoginTypeDummy:
|
||||||
// there is nothing to do
|
// there is nothing to do
|
||||||
return completeRegistration(req.Context(), accountDB, deviceDB, r.Username, r.Password, "", false, nil, nil)
|
return completeRegistration(req.Context(), userAPI, r.Username, r.Password, "", false, nil, nil)
|
||||||
default:
|
default:
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusNotImplemented,
|
Code: http.StatusNotImplemented,
|
||||||
@ -809,8 +811,7 @@ func parseAndValidateLegacyLogin(req *http.Request, r *legacyRegisterRequest) *u
|
|||||||
// not all
|
// not all
|
||||||
func completeRegistration(
|
func completeRegistration(
|
||||||
ctx context.Context,
|
ctx context.Context,
|
||||||
accountDB accounts.Database,
|
userAPI userapi.UserInternalAPI,
|
||||||
deviceDB devices.Database,
|
|
||||||
username, password, appserviceID string,
|
username, password, appserviceID string,
|
||||||
inhibitLogin eventutil.WeakBoolean,
|
inhibitLogin eventutil.WeakBoolean,
|
||||||
displayName, deviceID *string,
|
displayName, deviceID *string,
|
||||||
@ -829,9 +830,16 @@ func completeRegistration(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
acc, err := accountDB.CreateAccount(ctx, username, password, appserviceID)
|
var accRes userapi.PerformAccountCreationResponse
|
||||||
|
err := userAPI.PerformAccountCreation(ctx, &userapi.PerformAccountCreationRequest{
|
||||||
|
AppServiceID: appserviceID,
|
||||||
|
Localpart: username,
|
||||||
|
Password: password,
|
||||||
|
AccountType: userapi.AccountTypeUser,
|
||||||
|
OnConflict: userapi.ConflictAbort,
|
||||||
|
}, &accRes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.Is(err, sqlutil.ErrUserExists) { // user already exists
|
if _, ok := err.(*userapi.ErrorConflict); ok { // user already exists
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusBadRequest,
|
Code: http.StatusBadRequest,
|
||||||
JSON: jsonerror.UserInUse("Desired user ID is already taken."),
|
JSON: jsonerror.UserInUse("Desired user ID is already taken."),
|
||||||
@ -852,8 +860,8 @@ func completeRegistration(
|
|||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusOK,
|
Code: http.StatusOK,
|
||||||
JSON: registerResponse{
|
JSON: registerResponse{
|
||||||
UserID: userutil.MakeUserID(username, acc.ServerName),
|
UserID: userutil.MakeUserID(username, accRes.Account.ServerName),
|
||||||
HomeServer: acc.ServerName,
|
HomeServer: accRes.Account.ServerName,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -866,7 +874,13 @@ func completeRegistration(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
dev, err := deviceDB.CreateDevice(ctx, username, deviceID, token, displayName)
|
var devRes userapi.PerformDeviceCreationResponse
|
||||||
|
err = userAPI.PerformDeviceCreation(ctx, &userapi.PerformDeviceCreationRequest{
|
||||||
|
Localpart: username,
|
||||||
|
AccessToken: token,
|
||||||
|
DeviceDisplayName: displayName,
|
||||||
|
DeviceID: deviceID,
|
||||||
|
}, &devRes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusInternalServerError,
|
Code: http.StatusInternalServerError,
|
||||||
@ -877,10 +891,10 @@ func completeRegistration(
|
|||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusOK,
|
Code: http.StatusOK,
|
||||||
JSON: registerResponse{
|
JSON: registerResponse{
|
||||||
UserID: dev.UserID,
|
UserID: devRes.Device.UserID,
|
||||||
AccessToken: dev.AccessToken,
|
AccessToken: devRes.Device.AccessToken,
|
||||||
HomeServer: acc.ServerName,
|
HomeServer: accRes.Account.ServerName,
|
||||||
DeviceID: dev.ID,
|
DeviceID: devRes.Device.ID,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -203,11 +203,11 @@ func Setup(
|
|||||||
).Methods(http.MethodPut, http.MethodOptions)
|
).Methods(http.MethodPut, http.MethodOptions)
|
||||||
|
|
||||||
r0mux.Handle("/register", httputil.MakeExternalAPI("register", func(req *http.Request) util.JSONResponse {
|
r0mux.Handle("/register", httputil.MakeExternalAPI("register", func(req *http.Request) util.JSONResponse {
|
||||||
return Register(req, accountDB, deviceDB, cfg)
|
return Register(req, userAPI, accountDB, cfg)
|
||||||
})).Methods(http.MethodPost, http.MethodOptions)
|
})).Methods(http.MethodPost, http.MethodOptions)
|
||||||
|
|
||||||
v1mux.Handle("/register", httputil.MakeExternalAPI("register", func(req *http.Request) util.JSONResponse {
|
v1mux.Handle("/register", httputil.MakeExternalAPI("register", func(req *http.Request) util.JSONResponse {
|
||||||
return LegacyRegister(req, accountDB, deviceDB, cfg)
|
return LegacyRegister(req, userAPI, cfg)
|
||||||
})).Methods(http.MethodPost, http.MethodOptions)
|
})).Methods(http.MethodPost, http.MethodOptions)
|
||||||
|
|
||||||
r0mux.Handle("/register/available", httputil.MakeExternalAPI("registerAvailable", func(req *http.Request) util.JSONResponse {
|
r0mux.Handle("/register/available", httputil.MakeExternalAPI("registerAvailable", func(req *http.Request) util.JSONResponse {
|
||||||
|
@ -89,16 +89,18 @@ type QueryProfileResponse struct {
|
|||||||
|
|
||||||
// PerformAccountCreationRequest is the request for PerformAccountCreation
|
// PerformAccountCreationRequest is the request for PerformAccountCreation
|
||||||
type PerformAccountCreationRequest struct {
|
type PerformAccountCreationRequest struct {
|
||||||
Localpart string
|
AccountType AccountType // Required: whether this is a guest or user account
|
||||||
AppServiceID string
|
Localpart string // Required: The localpart for this account. Ignored if account type is guest.
|
||||||
Password string
|
|
||||||
|
AppServiceID string // optional: the application service ID (not user ID) creating this account, if any.
|
||||||
|
Password string // optional: if missing then this account will be a passwordless account
|
||||||
OnConflict Conflict
|
OnConflict Conflict
|
||||||
}
|
}
|
||||||
|
|
||||||
// PerformAccountCreationResponse is the response for PerformAccountCreation
|
// PerformAccountCreationResponse is the response for PerformAccountCreation
|
||||||
type PerformAccountCreationResponse struct {
|
type PerformAccountCreationResponse struct {
|
||||||
AccountCreated bool
|
AccountCreated bool
|
||||||
UserID string
|
Account *Account
|
||||||
}
|
}
|
||||||
|
|
||||||
// PerformDeviceCreationRequest is the request for PerformDeviceCreation
|
// PerformDeviceCreationRequest is the request for PerformDeviceCreation
|
||||||
@ -115,8 +117,7 @@ type PerformDeviceCreationRequest struct {
|
|||||||
// PerformDeviceCreationResponse is the response for PerformDeviceCreation
|
// PerformDeviceCreationResponse is the response for PerformDeviceCreation
|
||||||
type PerformDeviceCreationResponse struct {
|
type PerformDeviceCreationResponse struct {
|
||||||
DeviceCreated bool
|
DeviceCreated bool
|
||||||
AccessToken string
|
Device *Device
|
||||||
DeviceID string
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Device represents a client's device (mobile, web, etc)
|
// Device represents a client's device (mobile, web, etc)
|
||||||
@ -134,6 +135,16 @@ type Device struct {
|
|||||||
DisplayName string
|
DisplayName string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Account represents a Matrix account on this home server.
|
||||||
|
type Account struct {
|
||||||
|
UserID string
|
||||||
|
Localpart string
|
||||||
|
ServerName gomatrixserverlib.ServerName
|
||||||
|
AppServiceID string
|
||||||
|
// TODO: Other flags like IsAdmin, IsGuest
|
||||||
|
// TODO: Associations (e.g. with application services)
|
||||||
|
}
|
||||||
|
|
||||||
// ErrorForbidden is an error indicating that the supplied access token is forbidden
|
// ErrorForbidden is an error indicating that the supplied access token is forbidden
|
||||||
type ErrorForbidden struct {
|
type ErrorForbidden struct {
|
||||||
Message string
|
Message string
|
||||||
@ -155,9 +166,17 @@ func (e *ErrorConflict) Error() string {
|
|||||||
// Conflict is an enum representing what to do when encountering conflicting when creating profiles/devices
|
// Conflict is an enum representing what to do when encountering conflicting when creating profiles/devices
|
||||||
type Conflict int
|
type Conflict int
|
||||||
|
|
||||||
|
// AccountType is an enum representing the kind of account
|
||||||
|
type AccountType int
|
||||||
|
|
||||||
const (
|
const (
|
||||||
// ConflictUpdate will update matching records returning no error
|
// ConflictUpdate will update matching records returning no error
|
||||||
ConflictUpdate Conflict = 1
|
ConflictUpdate Conflict = 1
|
||||||
// ConflictAbort will reject the request with ErrorConflict
|
// ConflictAbort will reject the request with ErrorConflict
|
||||||
ConflictAbort Conflict = 2
|
ConflictAbort Conflict = 2
|
||||||
|
|
||||||
|
// AccountTypeUser indicates this is a user account
|
||||||
|
AccountTypeUser AccountType = 1
|
||||||
|
// AccountTypeGuest indicates this is a guest account
|
||||||
|
AccountTypeGuest AccountType = 2
|
||||||
)
|
)
|
||||||
|
@ -39,6 +39,15 @@ type UserInternalAPI struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (a *UserInternalAPI) PerformAccountCreation(ctx context.Context, req *api.PerformAccountCreationRequest, res *api.PerformAccountCreationResponse) error {
|
func (a *UserInternalAPI) PerformAccountCreation(ctx context.Context, req *api.PerformAccountCreationRequest, res *api.PerformAccountCreationResponse) error {
|
||||||
|
if req.AccountType == api.AccountTypeGuest {
|
||||||
|
acc, err := a.AccountDB.CreateGuestAccount(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
res.AccountCreated = true
|
||||||
|
res.Account = acc
|
||||||
|
return nil
|
||||||
|
}
|
||||||
acc, err := a.AccountDB.CreateAccount(ctx, req.Localpart, req.Password, req.AppServiceID)
|
acc, err := a.AccountDB.CreateAccount(ctx, req.Localpart, req.Password, req.AppServiceID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.Is(err, sqlutil.ErrUserExists) { // This account already exists
|
if errors.Is(err, sqlutil.ErrUserExists) { // This account already exists
|
||||||
@ -51,12 +60,18 @@ func (a *UserInternalAPI) PerformAccountCreation(ctx context.Context, req *api.P
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// account already exists
|
||||||
res.AccountCreated = false
|
res.AccountCreated = false
|
||||||
res.UserID = fmt.Sprintf("@%s:%s", req.Localpart, a.ServerName)
|
res.Account = &api.Account{
|
||||||
|
AppServiceID: req.AppServiceID,
|
||||||
|
Localpart: req.Localpart,
|
||||||
|
ServerName: a.ServerName,
|
||||||
|
UserID: fmt.Sprintf("@%s:%s", req.Localpart, a.ServerName),
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
res.AccountCreated = true
|
res.AccountCreated = true
|
||||||
res.UserID = acc.UserID
|
res.Account = acc
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
func (a *UserInternalAPI) PerformDeviceCreation(ctx context.Context, req *api.PerformDeviceCreationRequest, res *api.PerformDeviceCreationResponse) error {
|
func (a *UserInternalAPI) PerformDeviceCreation(ctx context.Context, req *api.PerformDeviceCreationRequest, res *api.PerformDeviceCreationResponse) error {
|
||||||
@ -65,8 +80,7 @@ func (a *UserInternalAPI) PerformDeviceCreation(ctx context.Context, req *api.Pe
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
res.DeviceCreated = true
|
res.DeviceCreated = true
|
||||||
res.AccessToken = dev.AccessToken
|
res.Device = dev
|
||||||
res.DeviceID = dev.ID
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user