|
@@ -39,6 +39,33 @@ from twisted.internet import defer
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
+def check_req_params(request):
|
|
|
+ try:
|
|
|
+ # json.loads doesn't allow bytes in Python 3.5
|
|
|
+ body = json_decoder.decode(request.content.read().decode("UTF-8"))
|
|
|
+ except ValueError:
|
|
|
+ request.setResponseCode(400)
|
|
|
+ request.write(dict_to_json_bytes({'errcode': 'M_BAD_JSON', 'error': 'Malformed JSON'}))
|
|
|
+ request.finish()
|
|
|
+ return false
|
|
|
+
|
|
|
+ missing = [k for k in ("threepid", "mxid") if k not in body]
|
|
|
+ if len(missing) > 0:
|
|
|
+ request.setResponseCode(400)
|
|
|
+ msg = "Missing parameters: "+(",".join(missing))
|
|
|
+ request.write(dict_to_json_bytes({'errcode': 'M_MISSING_PARAMS', 'error': msg}))
|
|
|
+ request.finish()
|
|
|
+ return false
|
|
|
+
|
|
|
+ if 'medium' not in body['threepid'] or 'address' not in body['threepid']:
|
|
|
+ request.setResponseCode(400)
|
|
|
+ request.write(dict_to_json_bytes({'errcode': 'M_MISSING_PARAMS', 'error': 'Threepid lacks medium / address'}))
|
|
|
+ request.finish()
|
|
|
+ return false
|
|
|
+
|
|
|
+ return true
|
|
|
+
|
|
|
+
|
|
|
class ThreePidUnbindServlet(Resource):
|
|
|
def __init__(self, sydent):
|
|
|
self.sydent = sydent
|
|
@@ -50,32 +77,12 @@ class ThreePidUnbindServlet(Resource):
|
|
|
@defer.inlineCallbacks
|
|
|
def _async_render_POST(self, request):
|
|
|
try:
|
|
|
- try:
|
|
|
- # json.loads doesn't allow bytes in Python 3.5
|
|
|
- body = json_decoder.decode(request.content.read().decode("UTF-8"))
|
|
|
- except ValueError:
|
|
|
- request.setResponseCode(400)
|
|
|
- request.write(dict_to_json_bytes({'errcode': 'M_BAD_JSON', 'error': 'Malformed JSON'}))
|
|
|
- request.finish()
|
|
|
- return
|
|
|
-
|
|
|
- missing = [k for k in ("threepid", "mxid") if k not in body]
|
|
|
- if len(missing) > 0:
|
|
|
- request.setResponseCode(400)
|
|
|
- msg = "Missing parameters: "+(",".join(missing))
|
|
|
- request.write(dict_to_json_bytes({'errcode': 'M_MISSING_PARAMS', 'error': msg}))
|
|
|
- request.finish()
|
|
|
+ if not check_req_params(request):
|
|
|
return
|
|
|
|
|
|
threepid = body['threepid']
|
|
|
mxid = body['mxid']
|
|
|
|
|
|
- if 'medium' not in threepid or 'address' not in threepid:
|
|
|
- request.setResponseCode(400)
|
|
|
- request.write(dict_to_json_bytes({'errcode': 'M_MISSING_PARAMS', 'error': 'Threepid lacks medium / address'}))
|
|
|
- request.finish()
|
|
|
- return
|
|
|
-
|
|
|
# We now check for authentication in two different ways, depending
|
|
|
# on the contents of the request. If the user has supplied "sid"
|
|
|
# (the Session ID returned by Sydent during the original binding)
|