Bot that offers two step registrations to a matrix-synapse server
APACHE-2.0 License
This bot provides a two-step-registration for matrix (synapse).
This is done in several steps:
There are two operation modes available:
operationMode=synapse
operationMode=local
:
operationMode=local
git clone https://github.com/krombel/matrix-register-bot
cd matrix-register-bot
composer install
cp config.sample.php config.php
editor config.php
public
accessible via web.When running operationMode=local
:
internal
internally. This is only meant to be accessible by mxisd and matrix-synapse-rest-auth/_matrix-internal/identity/v1/check_credentials
should map to internal/login.php
Key | file which handles that | Description |
---|---|---|
rest.endpoints.auth | internal/login.php | Validate credentials and get user profile |
rest.endpoints.directory | internal/directory_search.php | Search for users by arbitrary input |
rest.endpoints.identity.single | internal/identity_single.php | Endpoint to query a single 3PID |
rest.endpoints.identity.bulk | internal/identity_bulk.php | Endpoint to query a list of 3PID |
Currently the passwords which are typed in while capturing the register request are stored in clear text.
The bot needs to access them to trigger a register request with correct credentials.
It is currently strongly recommended to set "getPasswordOnRegistration" => false
in your config!
This leads to autocreating passwords which will then be send to the users directly without storing it.
operationMode=local
)To allow users to change their pasword you need a reverse proxy which maps /_matrix/client/r0/account/password
to internal/intercept_change_password.php
.
Here is an example for nginx:
location /_matrix/client/r0/account/password {
proxy_pass http://localhost/mxbot/internal/intercept_change_password.php;
proxy_set_header X-Forwarded-For $remote_addr;
}
There is a cron.php which implements retries and database cleanups (e.g. to remove a username claim) For this run cron.php regularly with your system of choice. A suggested interval is once per day