Remove POST method from password reset submit_token endpoint (#6056)

Removes the POST method from `/password_reset/<medium>/submit_token/` as it's only used by phone number verification which Synapse does not support yet.
This commit is contained in:
Andrew Morgan 2019-09-19 10:53:14 +01:00 committed by GitHub
parent 38fd1f8e3f
commit 62e3ff92fd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 1 additions and 17 deletions

1
changelog.d/6056.bugfix Normal file
View file

@ -0,0 +1 @@
Remove POST method from password reset submit_token endpoint until we implement submit_url functionality.

View file

@ -272,23 +272,6 @@ class PasswordResetSubmitTokenServlet(RestServlet):
request.write(html.encode("utf-8"))
finish_request(request)
@defer.inlineCallbacks
def on_POST(self, request, medium):
if medium != "email":
raise SynapseError(
400, "This medium is currently not supported for password resets"
)
body = parse_json_object_from_request(request)
assert_params_in_dict(body, ["sid", "client_secret", "token"])
valid, _ = yield self.store.validate_threepid_session(
body["sid"], body["client_secret"], body["token"], self.clock.time_msec()
)
response_code = 200 if valid else 400
return response_code, {"success": valid}
class PasswordRestServlet(RestServlet):
PATTERNS = client_patterns("/account/password$")