diff --git a/cmd/create-account/main.go b/cmd/create-account/main.go index 6b7c79c1d..44d5691c2 100644 --- a/cmd/create-account/main.go +++ b/cmd/create-account/main.go @@ -83,6 +83,10 @@ func main() { } cfg := setup.ParseFlags(true) + if *resetPassword { + logrus.Fatalf("The reset-password flag has been replaced by the POST /_dendrite/admin/resetPassword/{localpart} admin API.") + } + if *username == "" { flag.Usage() os.Exit(1) @@ -102,13 +106,6 @@ func main() { logrus.Fatalln(err) } - if *resetPassword { - if err = passwordReset(*serverURL, *username, pass); err != nil { - logrus.Fatalln("Failed to reset the password:", err.Error()) - } - return - } - accessToken, err := sharedSecretRegister(cfg.ClientAPI.RegistrationSharedSecret, *serverURL, *username, pass, *isAdmin) if err != nil { logrus.Fatalln("Failed to create the account:", err.Error()) @@ -117,39 +114,6 @@ func main() { logrus.Infof("Created account: %s (AccessToken: %s)", *username, accessToken) } -func passwordReset(serverURL, localpart, password string) error { - resetURL := fmt.Sprintf("%s/_dendrite/admin/resetPassword/%s", serverURL, localpart) - request := struct { - Password string `json:"password"` - }{ - Password: password, - } - response := struct { - Updated bool `json:"password_updated"` - }{} - js, err := json.Marshal(request) - if err != nil { - return fmt.Errorf("unable to marshal json: %w", err) - } - registerReq, err := http.NewRequest(http.MethodPost, resetURL, bytes.NewBuffer(js)) - if err != nil { - return fmt.Errorf("unable to create http request: %w", err) - } - httpResp, err := cl.Do(registerReq) - if err != nil { - return fmt.Errorf("unable to create account: %w", err) - } - if err := json.NewDecoder(httpResp.Body).Decode(&response); err != nil { - return fmt.Errorf("unable to decode response: %w", err) - } - if response.Updated { - logrus.Infof("Reset password for user %q and invalidated all user sessions", localpart) - } else { - logrus.Infof("Failed to reset password for user %q", localpart) - } - return nil -} - type sharedSecretRegistrationRequest struct { User string `json:"username"` Password string `json:"password"` diff --git a/docs/administration/4_adminapi.md b/docs/administration/4_adminapi.md index 51f56374b..783fee95a 100644 --- a/docs/administration/4_adminapi.md +++ b/docs/administration/4_adminapi.md @@ -13,19 +13,32 @@ without warning. More endpoints will be added in the future. -## `/_dendrite/admin/evacuateRoom/{roomID}` +## GET `/_dendrite/admin/evacuateRoom/{roomID}` This endpoint will instruct Dendrite to part all local users from the given `roomID` in the URL. It may take some time to complete. A JSON body will be returned containing the user IDs of all affected users. -## `/_dendrite/admin/evacuateUser/{userID}` +## GET `/_dendrite/admin/evacuateUser/{userID}` This endpoint will instruct Dendrite to part the given local `userID` in the URL from all rooms which they are currently joined. A JSON body will be returned containing the room IDs of all affected rooms. -## `/_synapse/admin/v1/register` +## POST `/_dendrite/admin/resetPassword/{localpart}` + +Request body format: + +``` +{ + "password": "new_password_here" +} +``` + +Reset the password of a local user. The `localpart` is the username only, i.e. if +the full user ID is `@alice:domain.com` then the local part is `alice`. + +## GET `/_synapse/admin/v1/register` Shared secret registration — please see the [user creation page](createusers) for guidance on configuring and using this endpoint.