Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Don't check whether a 3pid is allowed to register during password reset #8414

Merged
merged 3 commits into from
Sep 29, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/8414.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Remove unnecessary 3PID registration check when resetting password via an email address. Bug introduced in v0.34.0rc2.
7 changes: 0 additions & 7 deletions synapse/rest/client/v2_alpha/account.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,13 +96,6 @@ async def on_POST(self, request):
send_attempt = body["send_attempt"]
next_link = body.get("next_link") # Optional param

if not check_3pid_allowed(self.hs, "email", email):
raise SynapseError(
403,
"Your email domain is not authorized on this server",
Codes.THREEPID_DENIED,
)

if next_link:
# Raise if the provided next_link value isn't valid
assert_valid_next_link(self.hs, next_link)
Expand Down