Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Allow updating passwords using the admin api without logging out devices
Browse files Browse the repository at this point in the history
Signed-off-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz>
  • Loading branch information
jcgruenhage committed Jun 3, 2022
1 parent 888a29f commit 2238f74
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
4 changes: 3 additions & 1 deletion docs/admin_api/user_admin_api.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,9 @@ URL parameters:
Body parameters:

- `password` - string, optional. If provided, the user's password is updated and all
devices are logged out.
devices are logged out, unless `logout_devices` is set to `false`.
- `logout_devices` - bool, optional, defaults to `true`. If set to false, devices aren't
logged out even when `password` is provided.
- `displayname` - string, optional, defaults to the value of `user_id`.
- `threepids` - array, optional, allows setting the third-party IDs (email, msisdn)
- `medium` - string. Kind of third-party ID, either `email` or `msisdn`.
Expand Down
8 changes: 7 additions & 1 deletion synapse/rest/admin/users.py
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,13 @@ async def on_PUT(
if not isinstance(password, str) or len(password) > 512:
raise SynapseError(HTTPStatus.BAD_REQUEST, "Invalid password")

logout_devices = body.get("logout_devices", True)
if not isinstance(logout_devices, bool):
raise SynapseError(
HTTPStatus.BAD_REQUEST,
"'logout_devices' parameter is not of type boolean",
)

deactivate = body.get("deactivated", False)
if not isinstance(deactivate, bool):
raise SynapseError(
Expand Down Expand Up @@ -305,7 +312,6 @@ async def on_PUT(
await self.store.set_server_admin(target_user, set_admin_to)

if password is not None:
logout_devices = True
new_password_hash = await self.auth_handler.hash(password)

await self.set_password_handler.set_password(
Expand Down

0 comments on commit 2238f74

Please sign in to comment.