forked from MirrorHub/synapse
Remove POST method from password reset submit_token endpoint (#6056)
Removes the POST method from `/password_reset/<medium>/submit_token/` as it's only used by phone number verification which Synapse does not support yet.
This commit is contained in:
parent
38fd1f8e3f
commit
62e3ff92fd
2 changed files with 1 additions and 17 deletions
1
changelog.d/6056.bugfix
Normal file
1
changelog.d/6056.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Remove POST method from password reset submit_token endpoint until we implement submit_url functionality.
|
|
@ -272,23 +272,6 @@ class PasswordResetSubmitTokenServlet(RestServlet):
|
|||
request.write(html.encode("utf-8"))
|
||||
finish_request(request)
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def on_POST(self, request, medium):
|
||||
if medium != "email":
|
||||
raise SynapseError(
|
||||
400, "This medium is currently not supported for password resets"
|
||||
)
|
||||
|
||||
body = parse_json_object_from_request(request)
|
||||
assert_params_in_dict(body, ["sid", "client_secret", "token"])
|
||||
|
||||
valid, _ = yield self.store.validate_threepid_session(
|
||||
body["sid"], body["client_secret"], body["token"], self.clock.time_msec()
|
||||
)
|
||||
response_code = 200 if valid else 400
|
||||
|
||||
return response_code, {"success": valid}
|
||||
|
||||
|
||||
class PasswordRestServlet(RestServlet):
|
||||
PATTERNS = client_patterns("/account/password$")
|
||||
|
|
Loading…
Reference in a new issue