search

spantaleev / matrix-docker-ansible-deploy

🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
GNU Affero General Public License v3.0
4.83k stars 1.04k forks source link

Create new users with admin api #2557

Open Will-Zhao0 opened 1 year ago

Will-Zhao0 commented 1 year ago

Problem description:

Hello, I'm trying to register new users on my homeserver using shared secret and admin apis, I'm following this doc, which seems the shared secret is necessary. I have also read this, but it doesn't seem to talk about how to have access to the shared secrets.

What should I do? Thanks!

aaronraimist commented 1 year ago

By default your registration_shared_secret is the same as the matrix_homeserver_generic_secret_key (or matrix_synapse_macaroon_secret_key) that is in your vars.yml file.

If you want to avoid dealing with the admin APIs and the shared secret you can also use any of these methods https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/registering-users.md#registering-users-manually.

Will-Zhao0 commented 1 year ago

Ok thank you

Will-Zhao0 commented 1 year ago

So I also saw this as an alternative to create new users, and it seems it doesn't require shared secret. But I followed the exact example from the doc and it does not work, I am wondering if there is any configuration I missed in vars.yml, maybe allow_user_registration or sorts?

My script:

def create_user(user_id: str):
    '''
    [admin] Create a new user account from an existing user_id on the server.

    Parameters
    ----------
    user_id : str

    Returns
    -------
    dict: dict
        dictionary of user_id and access_token
    '''

    username = str(generate_username(1)[0])
    password = secrets.token_urlsafe(16)
    data = {
        "displayname": username,
        "password": password
    }
    response = requests.put(f"{prefix['admin']}v2/users/{user_id}", json=data, headers=headers)

    if response.status_code == 200:
        logging.info(f"Modified user with ID: {response.json()['user_id']}")
        return response.json()
    elif response.status_code == 201:
        logging.info(f"Created new user with ID: {response.json()['user_id']}")
        return response.json()
    else:
        logging.error(f"Error creating user: {response.status_code} {response.reason}")

The output is always 400 Bad Request

aaronraimist commented 1 year ago

I haven't tried your script but I don't see anything obviously wrong after reading through it. Make sure the user ID you are providing is in the form @user:server.com and you are authenticating using the access token from a server admin.

You may have to dig in to the Synapse logs to get more information about what the problem is.

Btw there is a Python tool for interacting with the admin API https://github.com/JOJ0/synadm so you don't have to write your own.

rltas commented 1 year ago

Just to be sure: unless you're accessing it locally, is the admin API exposed to begin with? matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: true