matrix/matrix-react-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-react-sdk.git synced 2025-12-05 15:22:09 +03:00
Code Activity

Prevent spamming emails by reusing client secret

Browse Source 
Generate a client secret in the Signup class (if we don't already
have one) and re-usae it for subsequent attempts to register,
that way the IS can honour the sendAttempt flag and not re-send
the email if we're just retrying and requestToken becomes
idempotent.
This commit is contained in:
David Baker
2016-10-11 18:08:18 +01:00
parent 6ffddabaaa
commit 6ffb7efc9b
2 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/SignupStages.js
View File

@@ -158,7 +158,11 @@ class EmailIdentityStage extends Stage {
return this._completeVerify();
}
this.clientSecret = this.client.generateClientSecret();
this.clientSecret = this.signupInstance.params.clientSecret;
if (!this.clientSecret) {
return q.reject(new Error("No client secret specified by Signup class!"));
}
var nextLink = this.signupInstance.params.registrationUrl +
'?client_secret=' +
encodeURIComponent(this.clientSecret) +