| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Add some logging to the Limiter in a similar spirit to the Linearizer, to help
debug issues.
Also fix a logcontext leak.
Also refactor slightly to avoid throwing exceptions.
|
|
Return entries with is_public = True when they're public and is_public = False otherwise.
|
|
Allow things to pass inhibit_login when registering to ... inhibit logins.
|
|
add `get_user_by_req` and `invalidate_access_token`
|
|
Let the user specify custom modules which can be used for implementing extra
endpoints.
|
|
We're going to need to use this from places that aren't password auth, so let's
move it to a proper class.
|
|
This was a bit of a code vomit, so let's factor it out to preserve some sanity
|
|
this got broken in the previous commit
|
|
Provide a hook by which auth providers can be notified of logouts.
|
|
... so that they have a way to record access tokens.
|
|
Provide a hook where password auth providers can say they know about other
login types, and get passed the relevant parameters
|
|
to avoid clobbering guest user displaynames on registration
|
|
Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.
|
|
|
|
Carefully though, to avoid logging passwords
|
|
to avoid leaking ugly MXIDs and cluttering up the timeline with
displayname changes as well as membership joins for autojoin rooms
(e.g. the status autojoin rooms), automatically set the displayname
to match the localpart of the mxid upon registration.
|
|
I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.
It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up.
|
|
|
|
|
|
|
|
|
|
Somewhat open to abuse, but also somewhat unavoidable :/
|
|
|
|
also includes renamings to make things more consistent.
|
|
Postgres doesn't support NULs in strings so it makes the script
throw an exception and stop if any values contain \0. Drop them
with appropriate warning.
|
|
|
|
Provide an interface by which password auth providers can register db schema
files to be run at startup
|
|
I'm going to need some more flexibility in handling login types in password
auth providers, so as a first step, move some stuff from LoginRestServlet into
AuthHandler.
In particular, we pass everything other than SAML, JWT and token logins down to
the AuthHandler, which now has responsibility for checking the login type and
fishing the password out of the login dictionary |
