Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
Already on GitHub? Sign in to your account
Optionally include password hash in createUser endpoint #905
Conversation
matrixbot
commented
Jul 3, 2016
|
Can one of the admins verify this patch? |
matrixbot
commented
Jul 3, 2016
|
Can one of the admins verify this patch? |
matrixbot
commented
Jul 3, 2016
|
Can one of the admins verify this patch? |
matrixbot
commented
Jul 3, 2016
|
Can one of the admins verify this patch? |
matrixbot
commented
Jul 3, 2016
|
Can one of the admins verify this patch? |
KentShikama
Kent Shikama
erikjohnston
commented on an outdated diff
Jul 4, 2016
| @@ -410,12 +410,14 @@ def _do_create(self, user_json): | ||
| raise SynapseError(400, "Failed to parse 'duration_seconds'") | ||
| if duration_seconds > self.direct_user_creation_max_duration: | ||
| duration_seconds = self.direct_user_creation_max_duration | ||
| + password_hash = user_json["password_hash"].encode("utf-8") if user_json["password_hash"] else None |
erikjohnston
Owner
|
|
@matrixbot ok to test (I really wish that jenkins wasn't quite so spammy) |
|
The two "correct" ways of doing this would be:
Both of those would be non-trivial things to add, though 2. could potentially be doable. (In the future the plan is to support a more pluggable/modular auth system.) However, given this is a restricted AS API, I'm happy enough to accept this PR. |
|
You have a couple of code style violations: http://matrix.org/jenkins/job/SynapseFlake8Packaging/621/violations/ Looks like they're just lines that are too long; we prefer lines < 80 and require lines to be < 90. |
KentShikama
Kent Shikama
|
Yeah 2. would be ideal indeed. Diaspora already does something like that with a Prosody (XMPP) mod: a couple hundred lines of lua code I believe. Thanks for allowing this! |
|
np! |
KentShikama commentedJul 3, 2016
I'm working on a potential application service called Diaspora, a decentralized social networking site, which I would like to register Matrix users from. The idea is that Vector would be embedded in Diaspora as attached below. However I would also like any Diaspora user to login to their Matrix accounts through Vector or any other clients that are made in the future using their Diaspora credentials.
Matthew brought up the concern in matrix-dev that this would couple bcrypt to Synapse. My response is that if bcrypt became insecure for some reason, then it would mean that Diaspora would also have to change hashing algorithms too, and thus there wouldn't be much concern about making breaking changes. I would also not mind simply having this optional argument marked as unstable - as in Synapse will be free to make breaking changes whenever they want in terms of hashing algorithms - as it would be much easier than maintaining my own fork.