PrivateCoffee/synapse-registration
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat; Enhances user registration handling and status updates

Browse source 
Adds requests to unlock and interact with new users in the Synapse server upon registration approval. Ensures usernames are available before registration finalization and attempts to lock user accounts post-creation, sending notifications on failure. Automates deactivation of users upon registration denial with email alerting on failure.

Improves integration with external systems for seamless synchronization and better user experience.
This commit is contained in:
Kumi 2024-11-16 18:11:09 +01:00
parent b5c816e748
commit ed7a65fa58
Signed by: kumi
GPG key ID: ECBCC9082395383F
2 changed files with 71 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
src/synapse_registration/registration/signals.py
View file

@ -2,8 +2,11 @@ from django.db.models.signals import post_save
from django.dispatch import receiver from django.dispatch import receiver
from django.core.mail import send_mail from django.core.mail import send_mail
from django.conf import settings from django.conf import settings
from .models import UserRegistration from .models import UserRegistration
import requests
@receiver(post_save, sender=UserRegistration) @receiver(post_save, sender=UserRegistration)
def handle_status_change(sender, instance, created, **kwargs): def handle_status_change(sender, instance, created, **kwargs):
@ -17,7 +20,31 @@ def handle_status_change(sender, instance, created, **kwargs):
settings.DEFAULT_FROM_EMAIL, settings.DEFAULT_FROM_EMAIL,
[instance.email], [instance.email],
) )
# TODO: Unlock the user in Synapse
requests.put(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{instance.username}:{settings.MATRIX_DOMAIN}",
json={"locked": False},
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
response = requests.post(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/{settings.ADMIN_USER}/rooms?access_token={settings.SYNAPSE_ADMIN_TOKEN}",
json={"preset": "private_chat"},
)
room_id = response.json()["room_id"]
response = requests.post(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/rooms/{room_id}/invite",
json={"user_id": f"@{instance.username}:{settings.MATRIX_DOMAIN}"},
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
response = requests.post(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/rooms/{room_id}/send",
json={"msgtype": "m.text", "body": f"Welcome, {instance.username}!"},
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
elif status == UserRegistration.STATUS_DENIED: elif status == UserRegistration.STATUS_DENIED:
send_mail( send_mail(
@ -26,4 +53,17 @@ def handle_status_change(sender, instance, created, **kwargs):
settings.DEFAULT_FROM_EMAIL, settings.DEFAULT_FROM_EMAIL,
[instance.email], [instance.email],
) )
# TODO: Deactivate the user in Synapse
response = requests.put(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{instance.username}:{settings.MATRIX_DOMAIN}",
json={"deactivated": True},
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
if response.status_code != 200:
send_mail(
"Deactivation Failed",
f"Failed to deactivate the user {instance.username}. Please deactivate the user manually if required.",
settings.DEFAULT_FROM_EMAIL,
[settings.ADMIN_EMAIL],
)

29
src/synapse_registration/registration/views.py
View file

@ -94,6 +94,15 @@ class CompleteRegistrationView(FormView):
) )
username = registration.username username = registration.username
# Assert one last time that the username is available
response = requests.get(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v1/username_available?username={username}",
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
if not response.json().get("available"):
return render(self.request, "registration/registration_forbidden.html")
response = requests.put( response = requests.put(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{username}:{settings.MATRIX_DOMAIN}", f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{username}:{settings.MATRIX_DOMAIN}",
json={ json={
@ -106,6 +115,26 @@ class CompleteRegistrationView(FormView):
) )
if response.status_code in (200, 201): if response.status_code in (200, 201):
# The "locked" field doesn't seem to work when creating a user, so we need to lock the user after creation
response = requests.put(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{username}:{settings.MATRIX_DOMAIN}",
json={"locked": True},
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
response = requests.get(
f"{settings.SYNAPSE_SERVER}/_synapse/admin/v2/users/@{username}:{settings.MATRIX_DOMAIN}",
headers={"Authorization": f"Bearer {settings.SYNAPSE_ADMIN_TOKEN}"},
)
if not response.json().get("locked"):
send_mail(
"Locking Failed",
f"Failed to lock the user {username}. Please lock the user manually if required.",
settings.DEFAULT_FROM_EMAIL,
[settings.ADMIN_EMAIL],
)
registration.status = UserRegistration.STATUS_REQUESTED registration.status = UserRegistration.STATUS_REQUESTED
registration.registration_reason = registration_reason registration.registration_reason = registration_reason
registration.save() registration.save()