mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2026-01-15 10:03:09 -06:00
Code Issues Packages Projects Releases Wiki Activity

CreateNewToken API: Initial Changes

Browse source
This commit is contained in:
santhoshivan23 2023-06-03 21:47:24 +05:30
parent d11da6ec7c
commit 80ceb18c78
4 changed files with 96 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
clientapi/auth/authtypes/logintypes.go
View file

@ -11,4 +11,5 @@ const (
LoginTypeRecaptcha = "m.login.recaptcha" LoginTypeRecaptcha = "m.login.recaptcha"
LoginTypeApplicationService = "m.login.application_service" LoginTypeApplicationService = "m.login.application_service"
LoginTypeToken = "m.login.token" LoginTypeToken = "m.login.token"
LoginTypeRegistrationToken = "m.login.registration_token"
) )

81
clientapi/routing/admin.go
View file

@ -6,6 +6,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"regexp"
"time" "time"
"github.com/gorilla/mux" "github.com/gorilla/mux"
@ -24,6 +25,86 @@ import (
"github.com/matrix-org/dendrite/userapi/api" "github.com/matrix-org/dendrite/userapi/api"
) )
func AdminCreateNewToken(req *http.Request) util.JSONResponse {
request := struct {
Token string `json:"token"`
UsesAllowed int32 `json:"uses_allowed"`
ExpiryTime int64 `json:"expiry_time"`
Length int32 `json:"length"`
}{}
if err := json.NewDecoder(req.Body).Decode(&request); err != nil {
return util.JSONResponse{
Code: http.StatusBadRequest,
JSON: spec.Unknown("Failed to decode request body: " + err.Error()),
}
}
token := request.Token
if len(token) > 0 {
if len(token) > 64 {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
"token must not be empty and must not be longer than 64")
}
is_token_valid, _ := regexp.MatchString("^[[:ascii:][:digit:]_]*$", token)
if !is_token_valid {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
"token must consist only of characters matched by the regex [A-Za-z0-9-_]")
}
} else {
length := request.Length
if length > 0 && length <= 64 {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
"length must be greater than zero and not greater than 64")
}
// TODO: Generate Random Token
// token = GenerateRandomToken(length)
}
uses_allowed := request.UsesAllowed
if uses_allowed < 0 {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
"uses_allowed must be a non-negative integer or null")
}
expiry_time := request.ExpiryTime
if expiry_time != 0 && expiry_time < time.Now().UnixNano()/int64(time.Millisecond) {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
"expiry_time must not be in the past")
}
created := CreateToken(token, uses_allowed, expiry_time)
if !created {
return util.MatrixErrorResponse(
http.StatusBadRequest,
string(spec.ErrorInvalidParam),
fmt.Sprintf("Token alreaady exists: %s", token))
}
return util.JSONResponse{
Code: 200,
JSON: map[string]interface{}{
"token": token,
"uses_allowed": uses_allowed,
"pending": 0,
"completed": 0,
"expiry_time": expiry_time,
},
}
}
func CreateToken(token string, uses_allowed int32, expiryTime int64) bool {
// TODO: Implement Create Token -> Inserts token into table registration_tokens.
// Returns true if token created, false if token already exists.
return true
}
func AdminEvacuateRoom(req *http.Request, rsAPI roomserverAPI.ClientRoomserverAPI) util.JSONResponse { func AdminEvacuateRoom(req *http.Request, rsAPI roomserverAPI.ClientRoomserverAPI) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req)) vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil { if err != nil {

5
clientapi/routing/routing.go
View file

@ -162,6 +162,11 @@ func Setup(
}), }),
).Methods(http.MethodGet, http.MethodPost, http.MethodOptions) ).Methods(http.MethodGet, http.MethodPost, http.MethodOptions)
} }
dendriteAdminRouter.Handle("/admin/registrationTokens/new",
httputil.MakeAdminAPI("admin_registration_tokens_new", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
return AdminCreateNewToken(req)
}),
).Methods(http.MethodPost, http.MethodOptions)
dendriteAdminRouter.Handle("/admin/evacuateRoom/{roomID}", dendriteAdminRouter.Handle("/admin/evacuateRoom/{roomID}",
httputil.MakeAdminAPI("admin_evacuate_room", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse { httputil.MakeAdminAPI("admin_evacuate_room", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {

9
setup/config/config_clientapi.go
View file

@ -13,6 +13,10 @@ type ClientAPI struct {
// secrets) // secrets)
RegistrationDisabled bool `yaml:"registration_disabled"` RegistrationDisabled bool `yaml:"registration_disabled"`
// If set, requires users to submit a token during registration.
// Tokens can be managed using admin API.
RegistrationRequiresToken bool `yaml:"registration_requires_token"`
// Enable registration without captcha verification or shared secret. // Enable registration without captcha verification or shared secret.
// This option is populated by the -really-enable-open-registration // This option is populated by the -really-enable-open-registration
// command line parameter as it is not recommended. // command line parameter as it is not recommended.
@ -56,6 +60,7 @@ type ClientAPI struct {
func (c *ClientAPI) Defaults(opts DefaultOpts) { func (c *ClientAPI) Defaults(opts DefaultOpts) {
c.RegistrationSharedSecret = "" c.RegistrationSharedSecret = ""
c.RegistrationRequiresToken = false
c.RecaptchaPublicKey = "" c.RecaptchaPublicKey = ""
c.RecaptchaPrivateKey = "" c.RecaptchaPrivateKey = ""
c.RecaptchaEnabled = false c.RecaptchaEnabled = false
@ -100,6 +105,10 @@ func (c *ClientAPI) Verify(configErrs *ConfigErrors) {
) )
} }
} }
if c.RegistrationDisabled && c.RegistrationRequiresToken {
configErrs.Add("registration_requires_token cannot be set to true when registration_disabled is true")
}
} }
type TURN struct { type TURN struct {