From 2d1fbdb51d9ad15a169f6d2ce50948fa8b72a6b8 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Sat, 11 May 2019 21:39:31 -0500 Subject: [PATCH] Move around options on updating-users-passwords.md and provide an example for using the admin API --- docs/updating-users-passwords.md | 38 ++++++++++++++++++++++---------- 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/docs/updating-users-passwords.md b/docs/updating-users-passwords.md index af8d38dc..838e2000 100644 --- a/docs/updating-users-passwords.md +++ b/docs/updating-users-passwords.md @@ -1,29 +1,43 @@ # Updating users passwords -## Option 1 - -Use the Synapse User Admin API as described here: https://github.com/matrix-org/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password - -This requires an access token from a server admin account. If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-make-user-admin` script as described in [registering-users.md](registering-users.md). - -## Option 2 (if you are using the default matrix-postgres container): +## Option 1 (if you are using the default matrix-postgres container): You can reset a user's password via the Ansible playbook (make sure to edit the `` and `` part below): - ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= password=' --tags=update-user-password +``` +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username= password=' --tags=update-user-password +``` **Note**: `` is just a plain username (like `john`), not your full `@:` identifier. **You can then log in with that user** via the riot-web service that this playbook has created for you at a URL like this: `https://riot./`. -## Option 3 (if you are using an external Postgres server): + +## Option 2 (if you are using an external Postgres server): You can manually generate the password hash by using the command-line after **SSH**-ing to your server (requires that [all services have been started](installing.md#starting-the-services)): - docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml +``` +docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml +``` and then connecting to the postgres server and executing: - UPDATE users SET password_hash = '' WHERE name = '@someone:server.com' - +``` +UPDATE users SET password_hash = '' WHERE name = '@someone:server.com' +``` +` where `` is the hash returned by the docker command above. + + +## Option 3: + +Use the Synapse User Admin API as described here: https://github.com/matrix-org/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password + +This requires an access token from a server admin account. If you didn't make your account a server admin when you created it, you can use the `/usr/local/bin/matrix-make-user-admin` script as described in [registering-users.md](registering-users.md). Note this method will also log the user out of all of their clients while the other options do not. + +### Example: +To set @user:domain.com's password to `correct_horse_battery_staple` you could use this curl command: +``` +curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix./_matrix/client/r0/admin/reset_password/@user:domain.com?access_token=MDA...this_is_my_access_token +```