Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add possibility to insert 'email' #54

Open
oxmie opened this issue Jan 15, 2021 · 4 comments
Open

Add possibility to insert 'email' #54

oxmie opened this issue Jan 15, 2021 · 4 comments
Labels
enhancement New feature or request

Comments

@oxmie
Copy link

oxmie commented Jan 15, 2021
edited
Loading

Is your feature request related to a problem?

If you are running a public matrix server, there will be the situation, that someone has lost their account password.

At the current situation, the created account will only hold the username, nothing more. Therefore there is no second identifier to validate an user request during a password reset request.

Describe the solution you'd like.

It would be very helpful, to provide an email field within the registration dialog, which value can be passed during the profile creation to the new matrix account.

If the email field is optional or required could be an additional feature.
@oxmie oxmie added the enhancement New feature or request label Jan 15, 2021
@zeratax
Copy link
Owner

zeratax commented Jan 16, 2021

sadly this isn't exactly trivial, since the admin register api endpoint doesn't take an email address. the only way around this to me seems to be to completely rewrite this to something akin to an ldap provider.

currently I would just recommend users to add their email address after they've signed up

@Bubu
Copy link
Contributor

Bubu commented Jan 16, 2021

This seems to take an email though? https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/user_admin_api.rst#create-or-modify-account

I just very briefly looked this up, so I might be looking at the wrong thing. As I'm quite interested in something like this as well, I'd be wiling to spend some more time researching this.

@zeratax
Copy link
Owner

zeratax commented Jan 16, 2021

Oh yeah this does look promising. I was just looking at the inital register endpoint. I guess this wouldn't check if this 3pid is actually yours, by in this case sending a verification email? Depending on how much of an issue that is I would probably have to send those myself, though a good opportunity to consider #19 again

@Bubu Bubu mentioned this issue Feb 1, 2021
Open
@xelantro
Copy link
Collaborator

xelantro commented Aug 1, 2021

E-mails are normally managed through the identity server (of their own choice), which also provides an email verification api interface relevant matrix api.
But since Synapse 1.4 (~2019) synapse safes their own 3pids for password reset see here since babus link is dead, but this would need an admin access-token.

Alternativly the client-server api seems to provide an interface which comes hand since we get an accesstoken from the user as response from the registering https://matrix.org/docs/spec/client_server/r0.6.1#post-matrix-client-r0-register-email-requesttoken

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Bubu @zeratax @xelantro @oxmie