Sunil Mohan Adapa 92aff3e63c
matrixsynapse: Add token based registration verification
- Allow setting registration verification to token based registration
verification.

- Configure the server with registration secret. Use the registration secret to
register an admin account for FreedomBox's use. Store the access token provided
during registration for future use.

- Use Admin API and the access token to create a registration verification
token. Show list of all registration tokens on app page.

Tests:

- On a fresh installation, setup succeeds, public registration is disabled.
Enabling public registration sets verification to be disabled by default.
Registration tokens are not shown in status.

- Without the patch, install the app and enable public registration. Apply the
patches. After update registration verification will show as disabled.

- Setting verification method to registration token works.
freedombox-registration-secret.yaml file is created. This file has 0o600
permissions and is owned by matrix-synapse:nogroup.
freedombox-admin-access-token.txt file is created. This file has 0o600
permissions and is owned by root:root. List of registration tokens is shown in
status section. Registration with Element app works with the token listed.

- Disabling registration verification works. Registration tokens are not shown
in status section. Registration with Element app works without verification.

- Disable app. Try to update the verification configuration to use tokens. An
error should be thrown that configuration can't be updated when app is disabled.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2023-03-27 17:07:08 -04:00
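
The flow described in the commit message, as an added example (not FreedomBox's code and not part of this commit). It builds the requests for Synapse's documented shared-secret registration and registration-token Admin API endpoints without sending them; the secret, nonce, user name and access token are constructed sample values.

```python
import hashlib
import hmac
import json

REGISTER_PATH = '/_synapse/admin/v1/register'
NEW_TOKEN_PATH = '/_synapse/admin/v1/registration_tokens/new'


def registration_mac(shared_secret, nonce, username, password, admin):
    """HMAC-SHA1 that Synapse checks for shared-secret registration."""
    mac = hmac.new(shared_secret.encode(), digestmod=hashlib.sha1)
    # Fields are NUL-separated so field boundaries cannot be shifted.
    for field in (nonce, username, password):
        mac.update(field.encode() + b'\x00')
    # The admin flag is covered by the MAC, so it cannot be flipped in transit.
    mac.update(b'admin' if admin else b'notadmin')
    return mac.hexdigest()


def admin_register_request(shared_secret, nonce, username, password):
    """Return (path, JSON body) that registers an admin account."""
    body = {
        'nonce': nonce,
        'username': username,
        'password': password,
        'admin': True,
        # Only the MAC is sent; the shared secret never leaves the host.
        'mac': registration_mac(shared_secret, nonce, username, password,
                                True),
    }
    return REGISTER_PATH, json.dumps(body)


def new_token_request(access_token):
    """Return (path, headers, JSON body) that creates a registration token."""
    headers = {'Authorization': f'Bearer {access_token}'}
    # Empty object: the server generates the token, no use limit or expiry.
    return NEW_TOKEN_PATH, headers, json.dumps({})


if __name__ == '__main__':
    # Constructed values; the real nonce comes from a GET on REGISTER_PATH
    # and the access token from the registration response.
    print('POST', *admin_register_request('sample-secret', 'sample-nonce',
                                          'sample-admin', 'sample-password'))
    print('POST', *new_token_request('sample-access-token'))
```

The access token returned by the first request is the admin credential the commit stores in a 0o600 root-owned file, which is why that file's mode and owner are part of the test list.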


# SPDX-License-Identifier: AGPL-3.0-or-later
"""
Forms for the Matrix Synapse module.
"""

from django import forms
from django.urls import reverse_lazy
from django.utils.translation import gettext_lazy as _

from plinth.modules.coturn.forms import turn_uris_validator
from plinth.utils import format_lazy

_registration_verification_choices = [
    ('disabled',
     _('Disabled. This could lead to adversaries registering many spam '
       'accounts on your server with automated scripts.')),
    ('token',
     _('Require users creating a new account to use a registration token. A '
       'token will be created automatically. Pass this token to your '
       'potential new users. They will be asked for the token during '
       'registration. (recommended)')),
]


class MatrixSynapseForm(forms.Form):
    enable_public_registration = forms.BooleanField(
        label=_('Enable Public Registration'), required=False, help_text=_(
            'Enabling public registration means that anyone on the Internet '
            'can register a new account on your Matrix server. Disable this '
            'if you only want existing users to be able to use it.'))

    registration_verification = forms.ChoiceField(
        label=_('Verification method for registration'),
        choices=_registration_verification_choices, required=True,
        widget=forms.RadioSelect)

    enable_managed_turn = forms.BooleanField(
        label=_('Automatically manage audio/video call setup'), required=False,
        help_text=format_lazy(
            _('Configures the local <a href={coturn_url}>coturn</a> app as '
              'the STUN/TURN server for Matrix Synapse. Disable this if you '
              'want to use a different STUN/TURN server.'),
            coturn_url=reverse_lazy('coturn:index')))

    # STUN/TURN server setup
    turn_uris = forms.CharField(
        label=_('STUN/TURN Server URIs'), required=False, strip=True,
        widget=forms.Textarea(attrs={'rows': 4}),
        help_text=_('List of public URIs of the STUN/TURN server, one on each '
                    'line.'), validators=[turn_uris_validator])

    shared_secret = forms.CharField(
        label=_('Shared Authentication Secret'), required=False, strip=True,
        help_text=_('Shared secret used to compute passwords for the '
                    'TURN server.'))

    def clean_turn_uris(self):
        """Normalize newlines in URIs."""
        data = self.cleaned_data['turn_uris']
        return '\n'.join([uri.strip() for uri in data.splitlines()])