| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | | |
|
| | | |
|
| | | |
|
| |\| |
|
| | |\ |
|
| | | | |
|
| |\| | |
|
| | |/
| |
| |
| | |
Spam checker modules can now provide async methods. This is implemented
in a backwards-compatible manner.
|
| |\| |
|
| | |
| |
| |
| |
| | |
This also expands type-hints to the SSO and registration code.
Refactors the CAS code to more closely match OIDC/SAML.
|
| | | |
|
| | | |
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
another user. (#8616)
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't).
A future PR will add an API for creating such a token.
When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
|
| |\| |
|
| | |
| |
| | |
All handlers now available via get_*_handler() methods on the HomeServer.
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '4325be1a5':
Fix missing null character check on guest_access room state
Fixed a bug with reactivating users with the admin API (#8362)
Admin API for reported events (#8217)
Fix wording of deprecation notice in changelog
Deprecation warning for synapse admin api being accessible under /_matrix
Create function to check for long names in devices (#8364)
Add a comment re #1691
Fix a bad merge from release-v1.20.0. (#8354)
Admin API for querying rooms where a user is a member (#8306)
Catch-up after Federation Outage (bonus): Catch-up on Synapse Startup (#8322)
Simplify super() calls to Python 3 syntax. (#8344)
Allow appservice users to /login (#8320)
Update test logging to be able to accept braces (#8335)
Move lint dependencies to extras_require (#8330)
|
| | |
| |
| |
| |
| |
| |
| | |
This converts calls like super(Foo, self) -> super().
Generated with:
sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '56efa9ec7': (22 commits)
Fix rate limiting unit tests. (#8167)
Add functions to `MultiWriterIdGen` used by events stream (#8164)
Do not allow send_nonmember_event to be called with shadow-banned users. (#8158)
Changelog fixes
Make StreamIdGen `get_next` and `get_next_mult` async (#8161)
Wording fixes to 'name' user admin api filter (#8163)
Fix missing double-backtick in RST document
Search in columns 'name' and 'displayname' in the admin users endpoint (#7377)
Add type hints for state. (#8140)
Stop shadow-banned users from sending non-member events. (#8142)
Allow capping a room's retention policy (#8104)
Add healthcheck for default localhost 8008 port on /health endpoint. (#8147)
Fix flaky shadow-ban tests. (#8152)
Don't fail /submit_token requests on incorrect session ID if request_token_inhibit_3pid_errors is turned on (#7991)
Do not apply ratelimiting on joins to appservices (#8139)
Micro-optimisations to get_auth_chain_ids (#8132)
Allow denying or shadow banning registrations via the spam checker (#8034)
Stop shadow-banned users from sending invites. (#8095)
Be more tolerant of membership events in unknown rooms (#8110)
Improve the error code when trying to register using a name reserved for guests. (#8135)
...
|
| | | |
|
| | |
| |
| |
| | |
guests. (#8135)
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit 'e04e465b4':
Use the default templates when a custom template file cannot be found (#8037)
Changelog changes
Convert stream database to async/await. (#8074)
Add a shadow-banned flag to users. (#8092)
Convert pusher databases to async/await. (#8075)
Convert receipts and events databases to async/await. (#8076)
|
| | | |
|
| |\|
| |
| |
| |
| | |
* commit '3b415e23a':
Convert replication code to async/await. (#7987)
|
| | | |
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit 'de119063f': (31 commits)
Convert room list handler to async/await. (#7912)
Element CSS and logo in email templates (#7919)
Lint the contrib/ directory in CI and linting scripts, add synctl to linting script (#7914)
Remove unused code from synapse.logging.utils. (#7897)
Fix a typo in the sample config. (#7890)
Fix deprecation warning: import ABC from collections.abc (#7892)
Change sample config's postgres user to synapse_user (#7889)
Fix deprecation warning due to invalid escape sequences (#7895)
Remove Ubuntu Eoan that is now EOL (#7888)
Fix the trace function for async functions. (#7872)
Add help for creating a user via docker (#7885)
Switch to Debian:Slim from Alpine for the docker image (#7839)
Stop using 'device_max_stream_id' (#7882)
Fix TypeError in synapse.notifier (#7880)
Add a default limit (of 100) to get/sync operations. (#7858)
Change "unknown room ver" logging to warning. (#7881)
Convert device handler to async/await (#7871)
Convert synapse.app to async/await. (#7868)
Convert _base, profile, and _receipts handlers to async/await (#7860)
Add admin endpoint to get members in a room. (#7842)
...
|
| | | |
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit 'dc80a0762':
1.16.0rc1
Back out MSC2625 implementation (#7761)
Additional configuration options for auto-join rooms (#7763)
Add some metrics for inbound and outbound federation processing times (#7755)
Explain the purpose of the "tests" conditional dependency requirement (#7751)
Add another yield point to state res v2 (#7746)
Move flake8 to end. Don't exit script on failure (#7738)
Make tox actions work on Debian 10 (#7703)
Yield during large v2 state res. (#7735)
add org.matrix.login.jwt so that m.login.jwt can be deprecated (#7675)
Set Content-Length for Metrics requests (#7730)
Sync ignored table names in synapse_port_db to current database schema (#7717)
Allow local media to be marked as safe from being quarantined. (#7718)
Convert directory handler to async/await (#7727)
Speed up state res v2 across large state differences. (#7725)
|
| | | |
|
| | |
| |
| |
| |
| | |
Adds an option, `bind_new_user_emails_to_sydent`, which uses Sydent's [internal bind api](https://github.com/matrix-org/sydent#internal-bind-and-unbind-api) to automatically bind email addresses of users immediately after they register.
This is quite enterprise-specific, but could be generally useful to multiple organizations. This aims to solve the problem of requiring users to verify their email twice when using the functionality of an identity server in a corporate deployment - where both the homeserver and identity server are controlled. It does with while eliminating the need for the `account_threepid_delegates.email` option, which historically has been a very complicated option to reason about.
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dinsic-release-v1.15.x
* 'release-v1.15.0' of github.com:matrix-org/synapse: (55 commits)
1.15.0
Fix some attributions
Update CHANGES.md
1.15.0rc1
Revert "1.15.0rc1"
1.15.0rc1
Fix bug in account data replication stream. (#7656)
Convert the registration handler to async/await. (#7649)
Accept device information at the login fallback endpoint. (#7629)
Convert user directory handler and related classes to async/await. (#7640)
Add an option to disable autojoin for guest accounts (#6637)
Clarifications to the admin api documentation (#7647)
Update to the stable SSO prefix for UI Auth. (#7630)
Fix type information on `assert_*_is_admin` methods (#7645)
Remove some unused constants. (#7644)
Typo fixes.
Allow new users to be registered via the admin API even if the monthly active user limit has been reached (#7263)
Add device management to admin API (#7481)
Attempt to fix PhoneHomeStatsTestCase.test_performance_100 being flaky. (#7634)
Support CS API v0.6.0 (#6585)
...
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Fixes https://github.com/matrix-org/synapse/issues/3177
|
| | |
| |
| |
| | |
active user limit has been reached (#7263)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both:
* Rather undocumented, and
* causing a *lot* of config checks
This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation.
Best to be reviewed commit-by-commit.
|
| | |
| |
| |
| |
| | |
flow (#7625)
This is so the user is warned about the username not being valid as soon as possible, rather than only once they've finished UIA.
|
| | |
| |
| |
| |
| |
| | |
email has been verified (#48)
* Just ignore the `username` parameter on registration as it's not used by DINUM
* Have `/register/available` always return `true`
|
| | |
| |
| | |
This is a performance-related improvement to #13, which queried and hid active *and* already inactive users, one-by-one. This PR updates the code to query only **active**, expired users, all at once, and then mark them as inactive, all at once.
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dinsic-release-v1.14.x
* 'release-v1.14.0' of github.com:matrix-org/synapse: (108 commits)
Fix typo in PR link
Update debian changelog
1.14.0
Improve changelog wording
1.14.0rc2
Fix sample config docs error (#7581)
Fix up comments
Fix specifying cache factors via env vars with * in name. (#7580)
Don't apply cache factor to event cache. (#7578)
Ensure ReplicationStreamer is always started when replication enabled. (#7579)
Remove the changes to the debian changelog
Not full release yet, this is rc1
Merge event persistence move changelog entries
More changelog fix
Changelog fixes
1.14.0
Replace device_27_unique_idx bg update with a fg one (#7562)
Fix incorrect exception handling in KeyUploadServlet.on_POST (#7563)
Fix recording of federation stream token (#7564)
Simplify reap_monthly_active_users (#7558)
...
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dinsic-release-v1.14.x
* 'release-v1.13.0' of github.com:matrix-org/synapse: (257 commits)
Update changelog based on feedback.
Move warnings in the changelog and re-iterate changes to branches.
1.13.0
update dh-virtualenv (#7526)
1.13.0rc3
Hash passwords earlier in the registration process (#7523)
1.13.0rc2
1.13.0rc2
Stop `get_joined_users` corruption from custom statuses (#7376)
Do not validate that the client dict is stable during UI Auth. (#7483)
Fix new flake8 errors (#7489)
Don't UPGRADE database rows
RST indenting
Put rollback instructions in upgrade notes
Fix changelog typo
Oh yeah, RST
Absolute URL it is then
Fix upgrade notes link
Provide summary of upgrade issues in changelog. Fix )
Move next version notes from changelog to upgrade notes
...
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
This is an update to the commit ef8e78c1e623db5df97c7401bc5af9960946915e
|
| | | |
|
| | | |
|
| | | |
|
| |\|
| |
| |
| |
| | |
* commit '326c893d2':
Kill off RegistrationError (#6691)
|
| | |
| |
| | |
This is pretty pointless. Let's just use SynapseError.
|
| |\|
| |
| |
| |
| | |
* commit '2d07c7377':
Don't assign numeric IDs for empty usernames (#6690)
|
| | |
| |
| |
| | |
Fix a bug where we would assign a numeric userid if somebody tried registering
with an empty username
|
| |\|
| |
| |
| |
| |
| | |
* commit 'b9449012d':
Add changelog file
Issue #6406 Fix parameter mismatch
|
| | |
| |
| |
| | |
Signed-off-by: Syam G Krishnan <syamgk01@gmail.com>
|
| |\|
| |
| |
| |
| |
| |
| |
| | |
* commit '6e1b40dc2':
sample config
Add changelog
A couple more instances
Replace instance variations of homeserver with correct case/spacing
|
| | | |
|
| |\|
| |
| |
| | |
(#6338)
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\|
| |
| |
| |
| | |
* commit '020add509':
Update black to 19.10b0 (#6304)
|
| | |
| |
| | |
* update version of black and also fix the mypy config being overridden
|
| |\| |
|
| | | |
|
| | |
| |
| |
| |
| | |
This causes huge amounts of DB IO if registrations start to fail e.g.
because the DB is struggling with IO.
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously if the first registered user was a "support" or "bot" user,
when the first real user registers, the auto-join rooms were not
created.
Fix to exclude non-real (ie users with a special user type) users
when counting how many users there are to determine whether we should
auto-create a room.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
|
| |\| |
|
| | |
| |
| | |
Removes the `bind_email` and `bind_msisdn` parameters from the `/register` C/S API endpoint as per [MSC2140: Terms of Service for ISes and IMs](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R107).
|
| |\| |
|
| | | |
|
| | | |
|
| |\| |
|
| | |
| |
| | |
These methods were part of the v1 C/S API. Remove them as they are no longer used by any code paths.
|
| |\| |
|
| | |
| |
| |
| |
| | |
Python will return a tuple whether there are parentheses around the returned values or not.
I'm just sick of my editor complaining about this all over the place :)
|
| | |
| |
| |
| | |
This reverts commit 3320aaab3a9bba3f5872371aba7053b41af9d0a0.
|
| | | |
|
| |\| |
|
| | | |
|
| |\| |
|
| | |
| |
| |
| | |
Record how long an access token is valid for, and raise a soft-logout once it
expires.
|
| |\| |
|
| | |
| |
| |
| |
| | |
The 'token' param is no longer used anywhere except the tests, so let's kill
that off too.
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Nothing uses this now, so we can remove the dead code, and clean up the
API.
Since we're changing the shape of the return value anyway, we take the
opportunity to give the method a better name.
|
| |\| |
|
| | |
| |
| | |
It was pretty unclear what was going on, so I've added a couple of log lines.
|
| | |
| |
| | |
This is only used in tests, so...
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This has never been documented, and I'm not sure it's ever been used outside
sytest.
It's quite a lot of poorly-maintained code, so I'd like to get rid of it.
For now I haven't removed the database table; I suggest we leave that for a
future clearout.
|
| |\| |
|
| | | |
|
| | | |
|
| |\ \ |
|
| | |\| |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
These end up in join events everywhere, so let's limit them.
Fixes #5079
|
| | |\| |
|
| | | | |
|
| | | | |
|
| | | | |
|
| |/ / |
|
| |\| |
|
| | |
| |
| | |
This PR allows password provider modules to bind email addresses when a user is registering and is motivated by matrix-org/matrix-synapse-ldap3#58
|
| |\| |
|
| | |
| |
| |
| |
| | |
Adds a new method, check_3pid_auth, which gives password providers
the chance to allow authentication with third-party identifiers such
as email or msisdn.
|
| |\| |
|
| | | |
|
| | |
| |
| | |
Add two ratelimiters on login (per-IP address and per-userID).
|
| | | |
|
| | |
| |
| |
| | |
This reverts commit d7dbad3526136cfc9fdbd568635be5016fb637db.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
|
| |\|
| |
| |
| | |
erikj/dinsic-merged-master
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* add trivial clarification about jemalloc
* switch from google.com to recaptcha.net
because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Move RegistrationHandler init to HomeServer
* Move post registration actions to RegistrationHandler
* Add post regisration replication endpoint
* Newsfile
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This allows registration to be handled by a worker, though the actual
write to the database still happens on master.
Note: due to the in-memory session map all registration requests must be
handled by the same worker.
|
| | |
| |
| |
| |
| |
| | |
Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
|
| | |
| |
| |
| |
| | |
When we register a new user from SAML2 data, initialise their displayname
correctly.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Rip out half-implemented m.login.saml2 support
This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.
* drop undocumented dependency on dateutil
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
|
| | |
| |
| |
| |
| |
| | |
* Fix auto join failures for servers that require user consent
* Fix auto join failures for servers that require user consent
|
| | | |
|
| | |
| |
| |
| | |
... to save passing it into `_send_events_for_new_room`
|
| | | |
|
| | |
| |
| |
| |
| | |
* implement shadow registration via AS (untested)
* shadow support for 3pid binding/unbinding (untested)
|
| |\| |
|
| | | |
|
| | |
| |
| | |
Co-Authored-By: neilisfragile <neil@matrix.org>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\| |
|
| | | |
|
| | |
| |
| | |
remove comments
|
| | |
| |
| |
| | |
AuthError in all cases
|
| | |
| |
| |
| |
| |
| | |
return AuthError in all cases"
This reverts commit 0d43f991a19840a224d3dac78d79f13d78212ee6.
|
| | |
| |
| |
| | |
AuthError in all cases
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |\
| | |
| | | |
Initial impl of capping MAU
|
| | | | |
|
| | | | |
|
| | |/ |
|
| |\| |
|
| | | |
|
| |\| |
|
| | | |
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| | |
Server Notices use a special room which the user can't dismiss. They are
created on demand when some other bit of the code calls send_notice.
(This doesn't actually do much yet becuse we don't call send_notice anywhere)
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* [x] strip invalid characters from generated mxid
* [x] append numbers to disambiguate clashing mxids
* [x] generate displayanames from 3pids using a dodgy heuristic
* [x] get rid of the create_profile_with_localpart and instead
explicitly set displaynames so they propagate correctly
|
| |\| |
|
| | |\ |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the handling of auto_join_rooms only works when a user
registers itself via public register api. Registrations via
registration_shared_secret and ModuleApi do not work
This auto_joins the users in the registration handler which enables
the auto join feature for all 3 registration paths.
This is related to issue #2725
Signed-Off-by: Matthias Kesler <krombel@krombel.de>
|
| |\| |
|
| | | |
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
| |
* [ ] split config options into allowed_local_3pids and registrations_require_3pid
* [ ] simplify and comment logic for picking registration flows
* [ ] fix docstring and move check_3pid_allowed into a new util module
* [ ] use check_3pid_allowed everywhere
@erikjohnston PTAL
|
| | |
|
| |\
| |
| | |
Do bcrypt hashing in a background thread
|
| | | |
|
| | | |
|
| |/ |
|
| |
|
|
| |
This reverts commit b70b64690330c25cbd04c1b2cacf8276b566efc8.
|
| |
|
|
| |
Because we're never going to be able to fix this :'(
|
| |
|
|
|
|
|
| |
Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.
|
| |
|
|
| |
what could possibly go wrong
|
| |
|
|
| |
... because the spec says we should.
|
| |
|
|
|
| |
Factor out a common function for checking user ids and group ids, which forbids
capitals.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
- GET is now the method for register/available
- a query parameter "username" is now used
Also, empty usernames are now handled with an error message on registration or via register/available: `User ID cannot be empty`
|
| |
|
|
|
|
| |
This was broken when device list updates were implemented, as Mailer
could no longer instantiate an AuthHandler due to a dependency on
federation sending.
|
| |
|
|
|
| |
Make sure that a user cannot pretend to be a guest by adding 'guest = True'
caveats.
|
| |
|
|
|
|
|
|
| |
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
|
| |
|
|
| |
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
|
| |
|
|
| |
synchronous
|
| | |
|
| |
|
|
|
| |
Wrap the `Requester` constructor with a function which provides sensible
defaults, and use it throughout
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* `RegistrationHandler.appservice_register` no longer issues an access token:
instead it is left for the caller to do it. (There are two of these, one in
`synapse/rest/client/v1/register.py`, which now simply calls
`AuthHandler.issue_access_token`, and the other in
`synapse/rest/client/v2_alpha/register.py`, which is covered below).
* In `synapse/rest/client/v2_alpha/register.py`, move the generation of
access_tokens into `_create_registration_details`. This means that the normal
flow no longer needs to call `AuthHandler.issue_access_token`; the
shared-secret flow can tell `RegistrationHandler.register` not to generate a
token; and the appservice flow continues to work despite the above change.
|
| | |
|
| | |
|
| |
|
|
| |
Signed-off-by: Kent Shikama <kent@kentshikama.com>
|
| |
|
|
| |
Signed-off-by: Kent Shikama <kent@kentshikama.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
The only place that was observed was to set the profile. I've made it
so that the profile is set within store.register in the same transaction
that creates the user.
This required some slight changes to the registration code for upgrading
guest users, since it previously relied on the distributor swallowing errors
if the profile already existed.
|
| |
|
|
| |
Fix the relevant unit test cases
|
| | |
|
| |
|
|
|
| |
Replace flush_user with delete access token due to function removal
Add a new test case for if the user is already registered
|
| |
|
|
|
|
| |
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
|
| |
|
|
|
|
|
| |
Move the functions inside the distributor and import them
where needed. This reduces duplication and makes it possible
for flake8 to detect when the functions aren't used in a
given file.
|
| |
|
|
| |
a username.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
occurs
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
|
| |
|
|
|
|
|
|
|
| |
This means that following the same link across multiple sessions or
devices can re-use the same guest account.
Note that this is somewhat of an abuse vector; we can't throw up
captchas on this flow, so this is a way of registering ephemeral
accounts for spam, whose sign-up we don't rate limit.
|
| |
|
|
|
| |
This whole set of checks is kind of an ugly mess, which I may clean up
at some point, but for now let's be correct.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The current random IDs are ugly and confusing when presented in UIs.
This makes them prettier and easier to read.
Also, disable non-automated registration of numeric IDs so that we don't
need to worry so much about people carving out our automated address
space and us needing to keep retrying ID registration.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
not. Use this so we can run _filter_events_for_client when calculating event_push_actions.
|
| | |
|
| |\
| |
| | |
Matthew/no identicons
|
| | | |
|
| | |
| |
| |
| | |
582019f870adbc4a8a8a9ef97b527e0fead77761 and solves vector-web/vector-im#346
|
| |/ |
|
| | |
|
| |
|
|
| |
static analysis can work out want is calling what
|
| |
|
|
|
|
|
| |
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
|
| | |
|
| |
|
|
| |
This reduces our ~8 second sequential test time down to ~7 seconds
|
| | |
|
| |
|
|
|
| |
I prefer the auth handler to worry about all auth, and register to call
into it as needed, than to smatter auth logic between the two.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.
In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.
Follow-up commits will actually enforce the expiration, and allow for
token refresh.
See https://bit.ly/matrix-auth for more information
|
| |
|
|
|
|
|
|
|
| |
* Merge LoginHandler -> AuthHandler
* Add a bunch of documentation
* Improve some naming
* Remove unused branches
I will start merging the actual logic of the two handlers shortly
|
| |
|
|
|
|
|
|
| |
V2 Registration forced everyone (including ASes) to create a password for a
user, when ASes should be able to omit passwords. Also unbreak AS registration
in general which checked too early if the given username was claimed by an AS;
it was checked before knowing if the AS was the one doing the registration! Add
unit tests for AS reg, user reg and disabled_registration flag.
|
| | |
|
| | |
|
| | |
|
| | |
|
