Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Don't check whether a 3pid is allowed to register during password res…
Browse files Browse the repository at this point in the history
…et (#8414)

* Don't check whether a 3pid is allowed to register during password reset

This endpoint should only deal with emails that have already been approved, and
are attached with user's account. There's no need to re-check them here.

* Changelog
  • Loading branch information
anoadragon453 authored Sep 29, 2020
2 parents b1433bf + f43c66d commit e154f7c
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 7 deletions.
1 change: 1 addition & 0 deletions changelog.d/8414.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Remove unnecessary 3PID registration check when resetting password via an email address. Bug introduced in v0.34.0rc2.
7 changes: 0 additions & 7 deletions synapse/rest/client/v2_alpha/account.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,13 +96,6 @@ async def on_POST(self, request):
send_attempt = body["send_attempt"]
next_link = body.get("next_link") # Optional param

if not check_3pid_allowed(self.hs, "email", email):
raise SynapseError(
403,
"Your email domain is not authorized on this server",
Codes.THREEPID_DENIED,
)

if next_link:
# Raise if the provided next_link value isn't valid
assert_valid_next_link(self.hs, next_link)
Expand Down

0 comments on commit e154f7c

Please sign in to comment.