mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-19 01:21:09 +03:00
add option to require an access_token to GET /profile on CS API
This commit is contained in:
parent
0fcf7e5c57
commit
b31d56efac
2 changed files with 14 additions and 0 deletions
|
@ -71,6 +71,10 @@ class ServerConfig(Config):
|
||||||
# master, potentially causing inconsistency.
|
# master, potentially causing inconsistency.
|
||||||
self.enable_media_repo = config.get("enable_media_repo", True)
|
self.enable_media_repo = config.get("enable_media_repo", True)
|
||||||
|
|
||||||
|
# whether to require users to authenticate in order to query /profile
|
||||||
|
# endpoints via CS API. this is a workaround in advance of MSC1301 landing
|
||||||
|
self.auth_profile_reqs = config.get("auth_profile_reqs", True)
|
||||||
|
|
||||||
# whether to enable search. If disabled, new entries will not be inserted
|
# whether to enable search. If disabled, new entries will not be inserted
|
||||||
# into the search tables and they will not be indexed. Users will receive
|
# into the search tables and they will not be indexed. Users will receive
|
||||||
# errors when attempting to search for messages.
|
# errors when attempting to search for messages.
|
||||||
|
@ -318,6 +322,10 @@ class ServerConfig(Config):
|
||||||
#
|
#
|
||||||
#use_presence: false
|
#use_presence: false
|
||||||
|
|
||||||
|
# whether to require users to authenticate in order to query /profile
|
||||||
|
# endpoints via CS API. this is a workaround in advance of MSC1301 landing
|
||||||
|
#auth_profile_reqs: false
|
||||||
|
|
||||||
# The GC threshold parameters to pass to `gc.set_threshold`, if defined
|
# The GC threshold parameters to pass to `gc.set_threshold`, if defined
|
||||||
#
|
#
|
||||||
#gc_thresholds: [700, 10, 10]
|
#gc_thresholds: [700, 10, 10]
|
||||||
|
|
|
@ -36,6 +36,8 @@ class ProfileDisplaynameRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
|
if self.hs.config.auth_profile_reqs:
|
||||||
|
yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
displayname = yield self.profile_handler.get_displayname(
|
displayname = yield self.profile_handler.get_displayname(
|
||||||
|
@ -99,6 +101,8 @@ class ProfileAvatarURLRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
|
if self.hs.config.auth_profile_reqs:
|
||||||
|
yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
avatar_url = yield self.profile_handler.get_avatar_url(
|
avatar_url = yield self.profile_handler.get_avatar_url(
|
||||||
|
@ -160,6 +164,8 @@ class ProfileRestServlet(ClientV1RestServlet):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id):
|
def on_GET(self, request, user_id):
|
||||||
|
if self.hs.config.auth_profile_reqs:
|
||||||
|
yield self.auth.get_user_by_req(request)
|
||||||
user = UserID.from_string(user_id)
|
user = UserID.from_string(user_id)
|
||||||
|
|
||||||
displayname = yield self.profile_handler.get_displayname(
|
displayname = yield self.profile_handler.get_displayname(
|
||||||
|
|
Loading…
Reference in a new issue