summary refs log tree commit diff
path: root/synapse/res (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Display an error page during failure of fallback UIA. (#10561)Callum Brown2021-08-182-0/+6
|
* Port "Allow users to click account renewal links multiple times without ↵Andrew Morgan2021-04-192-1/+2
| | | | | hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832) This attempts to be a direct port of https://github.com/matrix-org/synapse-dinsic/pull/74 to mainline. There was some fiddling required to deal with the changes that have been made to mainline since (mainly dealing with the split of `RegistrationWorkerStore` from `RegistrationStore`, and the changes made to `self.make_request` in test code).
* Support not providing an IdP icon when choosing a username. (#9440)Patrick Cloke2021-02-191-1/+1
|
* Merge remote-tracking branch 'origin/release-v1.27.0' into social_login_hotfixesRichard van der Hoff2021-02-032-21/+84
|\
| * social login Fix username validation javascript (#9297)Richard van der Hoff2021-02-032-21/+84
| | | | | | | | | | * fix validation and don't use built-in validation UI Co-authored-by: Bruno Windels <brunow@element.io>
* | Social login UI polish (#9301)Richard van der Hoff2021-02-0312-75/+213
| |
* | social login: add noopener to terms link (#9300)Richard van der Hoff2021-02-021-1/+1
|/
* Merge branch 'social_login' into developRichard van der Hoff2021-02-011-1/+1
|\
| * fix broken HTML tagRichard van der Hoff2021-02-011-1/+1
| |
* | Merge branch 'social_login' into developRichard van der Hoff2021-02-018-84/+210
|\|
| * make primary button not wider than viewportBruno Windels2021-02-011-0/+1
| |
| * Collect terms consent from the user during SSO registration (#9276)Richard van der Hoff2021-02-011-0/+39
| |
| * Improve styling and wording of SSO UIA templates (#9286)Richard van der Hoff2021-02-012-24/+47
| | | | | | fixes #9171
| * Improve styling and wording of SSO error templates (#9287)Richard van der Hoff2021-02-014-60/+100
| |
| * Make importing display name and email optional (#9277)Richard van der Hoff2021-02-011-0/+23
| |
* | Merge branch 'social_login' into developRichard van der Hoff2021-02-017-146/+301
|\|
| * Replace username picker with a template (#9275)Richard van der Hoff2021-02-015-141/+191
| | | | | | | | | | There's some prelimiary work here to pull out the construction of a jinja environment to a separate function. I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.
| * Improve styling and wording of SSO redirect confirm template (#9272)Richard van der Hoff2021-02-012-6/+111
| |
* | Clean-up the template loading code. (#9200)Patrick Cloke2021-01-275-13/+13
|/ | | | | * Enables autoescape by default for HTML files. * Adds a new read_template method for reading a single template. * Some logic clean-up.
* Support icons for Identity Providers (#9154)Richard van der Hoff2021-01-201-0/+3
|
* Give the user a better error when they present bad SSO credsRichard van der Hoff2021-01-131-0/+18
| | | | | | | | | If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO IdP, try to give them a better error. Previously, the UIA would claim to be successful, but then the operation in question would simply fail with "auth fail". Instead, serve up an error page which explains the failure.
* Add initial support for a "pick your IdP" page (#9017)Richard van der Hoff2021-01-051-0/+28
| | | | | During login, if there are multiple IdPs enabled, offer the user a choice of IdPs.
* Implement a username picker for synapse (#8942)Richard van der Hoff2020-12-183-0/+141
| | | | | | | | | | | | | | The final part (for now) of my work to implement a username picker in synapse itself. The idea is that we allow `UsernameMappingProvider`s to return `localpart=None`, in which case, rather than redirecting the browser back to the client, we redirect to a username-picker resource, which allows the user to enter a username. We *then* complete the SSO flow (including doing the client permission checks). The static resources for the username picker itself (in https://github.com/matrix-org/synapse/tree/rav/username_picker/synapse/res/username_picker) are essentially lifted wholesale from https://github.com/matrix-org/matrix-synapse-saml-mozilla/tree/master/matrix_synapse_saml_mozilla/res. As the comment says, we might want to think about making them customisable, but that can be a follow-up. Fixes #8876.
* Ensure that a URL exists in the content during push. (#8965)Patrick Cloke2020-12-181-1/+1
| | | | This fixes an KeyError exception, after this PR the content is just considered unknown.
* Include a simple message in email notifications that include encrypted ↵Patrick Cloke2020-10-196-69/+81
| | | | content (#8545)
* Convert additional templates to Jinja (#8444)Patrick Cloke2020-10-023-0/+79
| | | This converts a few more of our inline HTML templates to Jinja. This is somewhat part of #7280 and should make it a bit easier to customize these in the future.
* Escape the error description on the sso_error template. (#8405)Patrick Cloke2020-09-251-1/+1
|
* Improve SAML error messages (#8248)Patrick Cloke2020-09-142-56/+39
|
* Show a confirmation page during user password reset (#8004)Andrew Morgan2020-09-101-0/+16
| | | | | This PR adds a confirmation step to resetting your user password between clicking the link in your email and your password actually being reset. This is to better align our password reset flow with the industry standard of requiring a confirmation from the user after email validation.
* Implement login blocking based on SAML attributes (#8052)Richard van der Hoff2020-08-111-5/+12
| | | | | | | Hopefully this mostly speaks for itself. I also did a bit of cleaning up of the error handling. Fixes #8047
* Element CSS and logo in email templates (#7919)Jason Robinson2020-07-213-0/+11
| | | | | Use Element CSS and logo in notification emails when app name is Element. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Implement OpenID Connect-based login (#7256)Quentin Gliech2020-05-081-0/+18
|
* Fixes typo (bellow -> below) (#7449)Patrick Cloke2020-05-072-2/+2
|
* Use a template for the SSO success page to allow for customization. (#7279)Patrick Cloke2020-04-171-0/+18
|
* Do not allow a deactivated user to login via SSO. (#7240)Patrick Cloke2020-04-091-0/+10
|
* Support SAML in the user interactive authentication workflow. (#7102)Patrick Cloke2020-04-011-0/+14
|
* Use innerText instead of innerHTMLBrendan Abolivier2020-03-131-1/+2
|
* Update wording and configBrendan Abolivier2020-03-111-2/+2
|
* Move the default SAML2 error HTML to a dedicated fileBrendan Abolivier2020-03-111-0/+44
| | | | | Also add some JS to it to process any error we might have in the URI (see #6893).
* Add a confirmation step to the SSO login flowBrendan Abolivier2020-03-021-0/+14
|
* Allow HS to send emails when adding an email to the HS (#6042)Andrew Morgan2019-09-204-0/+29
|
* Allow Synapse to send registration emails + choose Synapse or an external ↵Andrew Morgan2019-09-067-4/+39
| | | | | | | | | | | | | | | | server to handle 3pid validation (#5987) This is a combination of a few different PRs, finally all being merged into `develop`: * #5875 * #5876 * #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](https://github.com/matrix-org/synapse/commit/891afb57cbdf9867f2848341b29c75d6f35eef5a#diff-e591d42d30690ffb79f63bb726200891) in #5969. What's left is just giving /versions access to the config file, which could be useful in the future) * #5835 * #5969 * #5940 Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged. UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
* Allow defining HTML templates to serve the user on account renewalBrendan Abolivier2019-08-012-0/+2
|
* Change password reset links to /_matrix.Erik Johnston2019-06-111-1/+1
|
* Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-064-0/+28
| | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
* Send out emails with links to extend an account's validity periodBrendan Abolivier2019-04-173-0/+54
|
* Use static locations for Riot iconsTravis Ralston2019-03-013-7/+7
| | | See https://github.com/vector-im/riot-web/issues/9009
* Ship the email templates as package_dataRichard van der Hoff2018-10-178-0/+331
move the example email templates into the synapse package so that they can be used as package data, which should mean that all of the packaging mechanisms (pip, docker, debian, arch, etc) should now come with the example templates. In order to grandfather in people who relied on the templates being in the old place, check for that situation and fall back to using the defaults if the templates directory does not exist.