Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Remove POST method from password reset submit_token endpoint (#6056)
Browse files Browse the repository at this point in the history
  • Loading branch information
anoadragon453 committed Feb 25, 2020
2 parents 3d05c29 + 62e3ff9 commit bd3a6f6
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 19 deletions.
1 change: 1 addition & 0 deletions changelog.d/6056.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Remove POST method from password reset submit_token endpoint until we implement submit_url functionality.
19 changes: 0 additions & 19 deletions synapse/rest/client/v2_alpha/account.py
Original file line number Diff line number Diff line change
Expand Up @@ -282,25 +282,6 @@ def on_GET(self, request, medium):
request.write(html.encode("utf-8"))
finish_request(request)

@defer.inlineCallbacks
def on_POST(self, request, medium):
if medium != "email":
raise SynapseError(
400, "This medium is currently not supported for password resets"
)

body = parse_json_object_from_request(request)
assert_params_in_dict(body, ["sid", "client_secret", "token"])

assert_valid_client_secret(body["client_secret"])

valid, _ = yield self.store.validate_threepid_session(
body["sid"], body["client_secret"], body["token"], self.clock.time_msec()
)
response_code = 200 if valid else 400

return response_code, {"success": valid}


class PasswordRestServlet(RestServlet):
PATTERNS = client_patterns("/account/password$")
Expand Down

0 comments on commit bd3a6f6

Please sign in to comment.