def authV2(
sydent: "Sydent",
request: Request,
requireTermsAgreed: bool = True,
) -> "Account":
"""For v2 APIs check that the request has a valid access token associated with it
:param sydent: The Sydent instance to use.
:param request: The request to look for an access token in.
:param requireTermsAgreed: Whether to deny authentication if the user hasn't accepted
the terms of service.
:returns Account: The account object if there is correct auth
:raises MatrixRestError: If the request is v2 but could not be authed or the user has
not accepted terms.
"""
token = tokenFromRequest(request)
if token is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
accountStore = AccountStore(sydent)
account = accountStore.getAccountByToken(token)
if account is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
if requireTermsAgreed:
terms = get_terms(sydent)
if (terms.getMasterVersion() is not None
and account.consentVersion != terms.getMasterVersion()):
raise MatrixRestError(403, "M_TERMS_NOT_SIGNED",
"Terms not signed")
return account
def render_POST(self, request):
"""
Mark a set of terms and conditions as having been agreed to
"""
send_cors(request)
account = authIfV2(self.sydent, request, False)
args = get_args(request, ("user_accepts",))
user_accepts = args["user_accepts"]
terms = get_terms(self.sydent)
unknown_urls = list(set(user_accepts) - terms.getUrlSet())
if len(unknown_urls) > 0:
return {
"errcode": "M_UNKNOWN",
"error": "Unrecognised URLs: %s" % (', '.join(unknown_urls),),
}
termsStore = TermsStore(self.sydent)
termsStore.addAgreedUrls(account.userId, user_accepts)
all_accepted_urls = termsStore.getAgreedUrls(account.userId)
if terms.urlListIsSufficient(all_accepted_urls):
accountStore = AccountStore(self.sydent)
accountStore.setConsentVersion(account.userId, terms.getMasterVersion())
return {}
def authIfV2(sydent, request, requireTermsAgreed=True):
"""For v2 APIs check that the request has a valid access token associated with it
:returns Account|None: The account object if there is correct auth, or None for v1 APIs
:raises MatrixRestError: If the request is v2 but could not be authed or the user has not accepted terms
"""
if request.path.startswith('/_matrix/identity/v2'):
token = tokenFromRequest(request)
if token is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
accountStore = AccountStore(sydent)
account = accountStore.getAccountByToken(token)
if account is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
if requireTermsAgreed:
terms = get_terms(sydent)
if (terms.getMasterVersion() is not None
and account.consentVersion != terms.getMasterVersion()):
raise MatrixRestError(403, "M_TERMS_NOT_SIGNED",
"Terms not signed")
return account
return None
def render_GET(self, request):
"""
Get the terms that must be agreed to in order to use this service
Returns: Object describing the terms that require agreement
"""
send_cors(request)
terms = get_terms(self.sydent)
return terms.getForClient()
def authIfV2(sydent, request, requireTermsAgreed=True):
"""For v2 APIs check that the request has a valid access token associated with it
:param sydent: The Sydent instance to use.
:type sydent: sydent.sydent.Sydent
:param request: The request to look for an access token in.
:type request: twisted.web.server.Request
:param requireTermsAgreed: Whether to deny authentication if the user hasn't accepted
the terms of service.
:returns Account|None: The account object if there is correct auth, or None for v1
APIs.
:raises MatrixRestError: If the request is v2 but could not be authed or the user has
not accepted terms.
"""
if request.path.startswith(b'/_matrix/identity/v2'):
token = tokenFromRequest(request)
if token is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
accountStore = AccountStore(sydent)
account = accountStore.getAccountByToken(token)
if account is None:
raise MatrixRestError(401, "M_UNAUTHORIZED", "Unauthorized")
if requireTermsAgreed:
terms = get_terms(sydent)
if (
terms.getMasterVersion() is not None and
account.consentVersion != terms.getMasterVersion()
):
raise MatrixRestError(403, "M_TERMS_NOT_SIGNED", "Terms not signed")
return account
return None