2019-02-20 09:45:23 -08:00
|
|
|
// Matrix Construct
|
|
|
|
//
|
|
|
|
// Copyright (C) Matrix Construct Developers, Authors & Contributors
|
|
|
|
// Copyright (C) 2016-2019 Jason Volk <jason@zemos.net>
|
|
|
|
//
|
|
|
|
// Permission to use, copy, modify, and/or distribute this software for any
|
|
|
|
// purpose with or without fee is hereby granted, provided that the above
|
|
|
|
// copyright notice and this permission notice is present in all copies. The
|
|
|
|
// full license for this software is available in the LICENSE file.
|
|
|
|
|
|
|
|
using namespace ircd;
|
|
|
|
|
2019-09-28 16:12:07 -07:00
|
|
|
static m::resource::response
|
2019-03-11 10:41:28 -07:00
|
|
|
post__delete_devices(client &client,
|
2019-09-28 16:12:07 -07:00
|
|
|
const m::resource::request &request);
|
2019-03-11 10:41:28 -07:00
|
|
|
|
|
|
|
extern const std::string flows;
|
|
|
|
|
2019-02-20 09:45:23 -08:00
|
|
|
mapi::header
|
|
|
|
IRCD_MODULE
|
|
|
|
{
|
|
|
|
"Client 14.10.1.5 :Device Management"
|
|
|
|
};
|
|
|
|
|
2019-09-28 16:12:07 -07:00
|
|
|
ircd::m::resource
|
2019-02-20 09:45:23 -08:00
|
|
|
delete_devices_resource
|
|
|
|
{
|
|
|
|
"/_matrix/client/r0/delete_devices/",
|
|
|
|
{
|
|
|
|
"14.10.1.5 :Device Management"
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2019-09-28 16:12:07 -07:00
|
|
|
m::resource::method
|
2019-02-20 09:45:23 -08:00
|
|
|
method_post
|
|
|
|
{
|
|
|
|
delete_devices_resource, "POST", post__delete_devices,
|
|
|
|
{
|
|
|
|
method_post.REQUIRES_AUTH
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2019-09-28 16:12:07 -07:00
|
|
|
m::resource::response
|
2019-02-20 09:45:23 -08:00
|
|
|
post__delete_devices(client &client,
|
2019-09-28 16:12:07 -07:00
|
|
|
const m::resource::request &request)
|
2019-02-20 09:45:23 -08:00
|
|
|
{
|
|
|
|
const json::array &devices
|
|
|
|
{
|
|
|
|
request.at("devices")
|
|
|
|
};
|
|
|
|
|
|
|
|
const json::object &auth
|
|
|
|
{
|
|
|
|
request["auth"]
|
|
|
|
};
|
|
|
|
|
2019-02-20 15:45:32 -08:00
|
|
|
// 14.10.2 Security considerations
|
|
|
|
const json::string &type{auth["type"]};
|
|
|
|
if(type != "m.login.password")
|
2019-09-28 16:12:07 -07:00
|
|
|
return m::resource::response
|
2019-02-20 15:45:32 -08:00
|
|
|
{
|
|
|
|
client, http::UNAUTHORIZED, json::object{flows}
|
|
|
|
};
|
2019-02-20 09:45:23 -08:00
|
|
|
|
2019-02-20 15:45:32 -08:00
|
|
|
const json::string &password{auth["password"]};
|
|
|
|
if(!m::user(request.user_id).is_password(password))
|
|
|
|
throw m::ACCESS_DENIED
|
|
|
|
{
|
|
|
|
"Incorrect password."
|
|
|
|
};
|
2019-02-20 09:45:23 -08:00
|
|
|
|
2020-04-01 18:30:02 -07:00
|
|
|
const m::user::devices user_devices
|
|
|
|
{
|
|
|
|
request.user_id
|
|
|
|
};
|
|
|
|
|
2023-03-03 12:13:47 -08:00
|
|
|
const m::user::tokens access_tokens
|
|
|
|
{
|
|
|
|
request.user_id
|
|
|
|
};
|
|
|
|
|
|
|
|
size_t revoked(0);
|
2021-02-25 14:33:52 -08:00
|
|
|
for(const json::string device_id : devices)
|
2023-03-03 12:13:47 -08:00
|
|
|
revoked += access_tokens.del_by_device(device_id, "device deleted");
|
|
|
|
|
|
|
|
size_t deleted(0);
|
|
|
|
for(const json::string device_id : devices)
|
|
|
|
deleted += user_devices.del(device_id);
|
2019-02-20 09:45:23 -08:00
|
|
|
|
2019-09-28 16:12:07 -07:00
|
|
|
return m::resource::response
|
2019-02-20 09:45:23 -08:00
|
|
|
{
|
2023-03-03 12:13:47 -08:00
|
|
|
client, json::members
|
|
|
|
{
|
|
|
|
{ "deleted", long(deleted) },
|
|
|
|
{ "revoked", long(revoked) },
|
|
|
|
}
|
2019-02-20 09:45:23 -08:00
|
|
|
};
|
|
|
|
}
|
2019-02-20 15:45:32 -08:00
|
|
|
|
|
|
|
const std::string
|
|
|
|
flows
|
|
|
|
{
|
|
|
|
ircd::string(512 | SHRINK_TO_FIT, [](const mutable_buffer &buf)
|
|
|
|
{
|
|
|
|
json::stack out{buf};
|
|
|
|
{
|
|
|
|
json::stack::object top{out};
|
|
|
|
json::stack::array flows{top, "flows"};
|
|
|
|
json::stack::object flow{flows};
|
|
|
|
json::stack::array stages{flow, "stages"};
|
|
|
|
stages.append("m.login.password");
|
|
|
|
}
|
|
|
|
|
|
|
|
return out.completed();
|
|
|
|
})
|
|
|
|
};
|