add option to require an access_token to GET /profile on CS API

Matthew Hodgson 2019-04-21 00:58:53 +01:00
parent 0fcf7e5c57
commit b31d56efac
2 changed files with 14 additions and 0 deletions


@ -71,6 +71,10 @@ class ServerConfig(Config):
# master, potentially causing inconsistency. # master, potentially causing inconsistency.
self.enable_media_repo = config.get("enable_media_repo", True) self.enable_media_repo = config.get("enable_media_repo", True)
# whether to require users to authenticate in order to query /profile
# endpoints via CS API. this is a workaround in advance of MSC1301 landing
self.auth_profile_reqs = config.get("auth_profile_reqs", True)
# whether to enable search. If disabled, new entries will not be inserted # whether to enable search. If disabled, new entries will not be inserted
# into the search tables and they will not be indexed. Users will receive # into the search tables and they will not be indexed. Users will receive
# errors when attempting to search for messages. # errors when attempting to search for messages.
@ -318,6 +322,10 @@ class ServerConfig(Config):
# #
#use_presence: false #use_presence: false
# whether to require users to authenticate in order to query /profile
# endpoints via CS API. this is a workaround in advance of MSC1301 landing
#auth_profile_reqs: false
# The GC threshold parameters to pass to `gc.set_threshold`, if defined # The GC threshold parameters to pass to `gc.set_threshold`, if defined
# #
#gc_thresholds: [700, 10, 10] #gc_thresholds: [700, 10, 10]
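Review bot: The sample-config comment for `auth_profile_reqs` does not state the default, while `config.get("auth_profile_reqs", True)` turns the check on for every deployment that leaves the key unset, so unauthenticated GET /profile calls that worked before the upgrade would presumably start being rejected. I would say so in the generated config, for example `# Defaults to true; set to false to allow unauthenticated profile lookups over the client-server API.` The comment could also say that only the client-server GET handlers are gated. Whether profile data stays reachable over other paths such as federation is not visible in this commit, and is worth confirming before anyone relies on the option for privacy.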


@ -36,6 +36,8 @@ class ProfileDisplaynameRestServlet(ClientV1RestServlet):
@defer.inlineCallbacks @defer.inlineCallbacks
def on_GET(self, request, user_id): def on_GET(self, request, user_id):
if self.hs.config.auth_profile_reqs:
yield self.auth.get_user_by_req(request)
user = UserID.from_string(user_id) user = UserID.from_string(user_id)
displayname = yield self.profile_handler.get_displayname( displayname = yield self.profile_handler.get_displayname(
@ -99,6 +101,8 @@ class ProfileAvatarURLRestServlet(ClientV1RestServlet):
@defer.inlineCallbacks @defer.inlineCallbacks
def on_GET(self, request, user_id): def on_GET(self, request, user_id):
if self.hs.config.auth_profile_reqs:
yield self.auth.get_user_by_req(request)
user = UserID.from_string(user_id) user = UserID.from_string(user_id)
avatar_url = yield self.profile_handler.get_avatar_url( avatar_url = yield self.profile_handler.get_avatar_url(
@ -160,6 +164,8 @@ class ProfileRestServlet(ClientV1RestServlet):
@defer.inlineCallbacks @defer.inlineCallbacks
def on_GET(self, request, user_id): def on_GET(self, request, user_id):
if self.hs.config.auth_profile_reqs:
yield self.auth.get_user_by_req(request)
user = UserID.from_string(user_id) user = UserID.from_string(user_id)
displayname = yield self.profile_handler.get_displayname( displayname = yield self.profile_handler.get_displayname(
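Review bot: The guard added to the three `on_GET` handlers authenticates the caller but discards the result of `get_user_by_req`, so with the option on, any holder of a valid access token can still read any user's displayname and avatar URL. That limit should be stated where the check lives, e.g. `# authentication only: any logged-in user may read any profile until MSC1301 lands`. The same two lines are repeated in ProfileDisplaynameRestServlet, ProfileAvatarURLRestServlet and ProfileRestServlet, so a profile read path added later could miss the check; a small shared helper called from each handler would keep them in step. The commit changes two files and neither is a test, so I would add one showing that an unauthenticated GET is rejected when `auth_profile_reqs` is true and served when it is false. Each handler's body continues past the end of its hunk.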