Move templates. New option to disable password resets

2024-12-21 03:42:55 +03:00 · 2019-06-05 16:36:02 +01:00 · 2019-06-05 16:36:02 +01:00 · 70b161decc
commit 70b161decc
parent 4c406f5afc
5 changed files with 16 additions and 22 deletions
--- a/res/templates/password_reset.html
+++ b/res/templates/password_reset.html
@ -1,9 +0,0 @@
-<html>
-<body>
-    <p>here's the link you forgetful person you!</p>
-
-    <a href="{{ link }}">Reset your password</a>
-
-    <p>now get on back to happy town!</p>
-</body>
-</html>
--- a/res/templates/password_reset.txt
+++ b/res/templates/password_reset.txt
@ -1,5 +0,0 @@
-here's the link you forgetful person you!
-
-{{ link }}
-
-now get on back to happy town!
--- a/synapse/config/emailconfig.py
+++ b/synapse/config/emailconfig.py
@ -64,7 +64,7 @@ class EmailConfig(Config):
        # work for the same reason.)
        if not template_dir:
            template_dir = pkg_resources.resource_filename(
-                'synapse', '../res/templates'
+                'synapse', 'res/templates'
            )

        self.email_template_dir = os.path.abspath(template_dir)
@ -94,7 +94,7 @@ class EmailConfig(Config):
            jinja2
            bleach

-        if not self.email_enable_password_reset_from_is:
+        if self.allow_password_resets and not self.email_enable_password_reset_from_is:
            required = [
                "smtp_host",
                "smtp_port",
--- a/synapse/config/password.py
+++ b/synapse/config/password.py
@ -21,6 +21,8 @@ class PasswordConfig(Config):
    """

    def read_config(self, config):
+        self.allow_password_resets = config.get("allow_password_resets", False)
+
        password_config = config.get("password_config", {})
        if password_config is None:
            password_config = {}
@ -30,6 +32,18 @@ class PasswordConfig(Config):

    def default_config(self, config_dir_path, server_name, **kwargs):
        return """\
+        # Allow users to reset their password
+        #
+        # Resetting a user's password is done either by sending a token from
+        # Synapse, or asking an identity server to do so. In Synapse v1.0,
+        # sending a password reset token from an identity server was turned off
+        # by default for security reasons.
+        #
+        # If enable_password_reset_from_is is False, you must fill out the
+        # "email" section of the config before enabling password resets
+        #
+        #allow_password_resets: False
+
        password_config:
           # Uncomment to disable password login
           #
--- a/tests/utils.py
+++ b/tests/utils.py
@ -131,12 +131,6 @@ def default_config(name, parse=False):
        "password_providers": [],
        "worker_replication_url": "",
        "worker_app": None,
-        "email": {
-            "enable_notifs": False,
-            "smtp_host": "somehost",
-            "smtp_port": 25,
-            "notif_from": "someone <someone@example.com>",
-        },
        "block_non_admin_invites": False,
        "federation_domain_whitelist": None,
        "filter_timeline_limit": 5000,