mirror of
https://github.com/1f349/dendrite.git
synced 2024-11-22 11:41:38 +00:00
Remove legacy register endpoint (#1822)
* Remove legacy register endpoint We only support `/r0` CS API paths, not `/v1`. * Finish removing
This commit is contained in:
parent
b769d5a25e
commit
e08942fb00
@ -161,15 +161,6 @@ type userInteractiveResponse struct {
|
|||||||
Session string `json:"session"`
|
Session string `json:"session"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// legacyRegisterRequest represents the submitted registration request for v1 API.
|
|
||||||
type legacyRegisterRequest struct {
|
|
||||||
Password string `json:"password"`
|
|
||||||
Username string `json:"user"`
|
|
||||||
Admin bool `json:"admin"`
|
|
||||||
Type authtypes.LoginType `json:"type"`
|
|
||||||
Mac gomatrixserverlib.HexString `json:"mac"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// newUserInteractiveResponse will return a struct to be sent back to the client
|
// newUserInteractiveResponse will return a struct to be sent back to the client
|
||||||
// during registration.
|
// during registration.
|
||||||
func newUserInteractiveResponse(
|
func newUserInteractiveResponse(
|
||||||
@ -757,85 +748,6 @@ func checkAndCompleteFlow(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// LegacyRegister process register requests from the legacy v1 API
|
|
||||||
func LegacyRegister(
|
|
||||||
req *http.Request,
|
|
||||||
userAPI userapi.UserInternalAPI,
|
|
||||||
cfg *config.ClientAPI,
|
|
||||||
) util.JSONResponse {
|
|
||||||
var r legacyRegisterRequest
|
|
||||||
resErr := parseAndValidateLegacyLogin(req, &r)
|
|
||||||
if resErr != nil {
|
|
||||||
return *resErr
|
|
||||||
}
|
|
||||||
|
|
||||||
logger := util.GetLogger(req.Context())
|
|
||||||
logger.WithFields(log.Fields{
|
|
||||||
"username": r.Username,
|
|
||||||
"auth.type": r.Type,
|
|
||||||
}).Info("Processing registration request")
|
|
||||||
|
|
||||||
if cfg.RegistrationDisabled && r.Type != authtypes.LoginTypeSharedSecret {
|
|
||||||
return util.MessageResponse(http.StatusForbidden, "Registration has been disabled")
|
|
||||||
}
|
|
||||||
|
|
||||||
switch r.Type {
|
|
||||||
case authtypes.LoginTypeSharedSecret:
|
|
||||||
if cfg.RegistrationSharedSecret == "" {
|
|
||||||
return util.MessageResponse(http.StatusBadRequest, "Shared secret registration is disabled")
|
|
||||||
}
|
|
||||||
|
|
||||||
valid, err := isValidMacLogin(cfg, r.Username, r.Password, r.Admin, r.Mac)
|
|
||||||
if err != nil {
|
|
||||||
util.GetLogger(req.Context()).WithError(err).Error("isValidMacLogin failed")
|
|
||||||
return jsonerror.InternalServerError()
|
|
||||||
}
|
|
||||||
|
|
||||||
if !valid {
|
|
||||||
return util.MessageResponse(http.StatusForbidden, "HMAC incorrect")
|
|
||||||
}
|
|
||||||
|
|
||||||
return completeRegistration(req.Context(), userAPI, r.Username, r.Password, "", req.RemoteAddr, req.UserAgent(), false, nil, nil)
|
|
||||||
case authtypes.LoginTypeDummy:
|
|
||||||
// there is nothing to do
|
|
||||||
return completeRegistration(req.Context(), userAPI, r.Username, r.Password, "", req.RemoteAddr, req.UserAgent(), false, nil, nil)
|
|
||||||
default:
|
|
||||||
return util.JSONResponse{
|
|
||||||
Code: http.StatusNotImplemented,
|
|
||||||
JSON: jsonerror.Unknown("unknown/unimplemented auth type"),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseAndValidateLegacyLogin parses the request into r and checks that the
|
|
||||||
// request is valid (e.g. valid user names, etc)
|
|
||||||
func parseAndValidateLegacyLogin(req *http.Request, r *legacyRegisterRequest) *util.JSONResponse {
|
|
||||||
resErr := httputil.UnmarshalJSONRequest(req, &r)
|
|
||||||
if resErr != nil {
|
|
||||||
return resErr
|
|
||||||
}
|
|
||||||
|
|
||||||
// Squash username to all lowercase letters
|
|
||||||
r.Username = strings.ToLower(r.Username)
|
|
||||||
|
|
||||||
if resErr = validateUsername(r.Username); resErr != nil {
|
|
||||||
return resErr
|
|
||||||
}
|
|
||||||
if resErr = validatePassword(r.Password); resErr != nil {
|
|
||||||
return resErr
|
|
||||||
}
|
|
||||||
|
|
||||||
// All registration requests must specify what auth they are using to perform this request
|
|
||||||
if r.Type == "" {
|
|
||||||
return &util.JSONResponse{
|
|
||||||
Code: http.StatusBadRequest,
|
|
||||||
JSON: jsonerror.BadJSON("invalid type"),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// completeRegistration runs some rudimentary checks against the submitted
|
// completeRegistration runs some rudimentary checks against the submitted
|
||||||
// input, then if successful creates an account and a newly associated device
|
// input, then if successful creates an account and a newly associated device
|
||||||
// We pass in each individual part of the request here instead of just passing a
|
// We pass in each individual part of the request here instead of just passing a
|
||||||
|
@ -89,7 +89,6 @@ func Setup(
|
|||||||
).Methods(http.MethodGet, http.MethodOptions)
|
).Methods(http.MethodGet, http.MethodOptions)
|
||||||
|
|
||||||
r0mux := publicAPIMux.PathPrefix("/r0").Subrouter()
|
r0mux := publicAPIMux.PathPrefix("/r0").Subrouter()
|
||||||
v1mux := publicAPIMux.PathPrefix("/api/v1").Subrouter()
|
|
||||||
unstableMux := publicAPIMux.PathPrefix("/unstable").Subrouter()
|
unstableMux := publicAPIMux.PathPrefix("/unstable").Subrouter()
|
||||||
|
|
||||||
r0mux.Handle("/createRoom",
|
r0mux.Handle("/createRoom",
|
||||||
@ -306,13 +305,6 @@ func Setup(
|
|||||||
return Register(req, userAPI, accountDB, cfg)
|
return Register(req, userAPI, accountDB, cfg)
|
||||||
})).Methods(http.MethodPost, http.MethodOptions)
|
})).Methods(http.MethodPost, http.MethodOptions)
|
||||||
|
|
||||||
v1mux.Handle("/register", httputil.MakeExternalAPI("register", func(req *http.Request) util.JSONResponse {
|
|
||||||
if r := rateLimits.rateLimit(req); r != nil {
|
|
||||||
return *r
|
|
||||||
}
|
|
||||||
return LegacyRegister(req, userAPI, cfg)
|
|
||||||
})).Methods(http.MethodPost, http.MethodOptions)
|
|
||||||
|
|
||||||
r0mux.Handle("/register/available", httputil.MakeExternalAPI("registerAvailable", func(req *http.Request) util.JSONResponse {
|
r0mux.Handle("/register/available", httputil.MakeExternalAPI("registerAvailable", func(req *http.Request) util.JSONResponse {
|
||||||
if r := rateLimits.rateLimit(req); r != nil {
|
if r := rateLimits.rateLimit(req); r != nil {
|
||||||
return *r
|
return *r
|
||||||
|
Loading…
Reference in New Issue
Block a user