| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | Return the proper 403 Forbidden error during errors with JWT logins. (#7844) | Patrick Cloke | 2020-07-15 | 1 | -21/+22 |
* | Add the option to validate the `iss` and `aud` claims for JWT logins. (#7827) | Patrick Cloke | 2020-07-14 | 1 | -6/+100 |
* | Do not use canonicaljson to magically handle decoding bytes from JSON. (#7802) | Patrick Cloke | 2020-07-10 | 1 | -1/+1 |
* | add org.matrix.login.jwt so that m.login.jwt can be deprecated (#7675) | Sorunome | 2020-06-24 | 1 | -3/+7 |
* | Performance improvements and refactor of Ratelimiter (#7595) | Andrew Morgan | 2020-06-05 | 1 | -10/+39 |
| | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit. | | | | |
* | Fix a bug in automatic user creation with m.login.jwt. (#7585) | Olof Johansson | 2020-06-01 | 1 | -0/+153 |
* | Allow expired accounts to logout (#7443) | Andrew Morgan | 2020-05-14 | 1 | -1/+68 |
* | Do not allow a deactivated user to login via SSO. (#7240) | Patrick Cloke | 2020-04-09 | 1 | -3/+39 |
* | Always whitelist the login fallback for SSO (#7153) | Richard van der Hoff | 2020-03-27 | 1 | -1/+8 |
| | That fallback sets the redirect URL to itself (so it can process the login token then return gracefully to the client). This would make it pointless to ask the user for confirmation, since the URL the confirmation page would be showing wouldn't be the client's. | | | | |
* | Add a whitelist for the SSO confirmation step. | Richard van der Hoff | 2020-03-02 | 1 | -3/+29 |
* | Add a confirmation step to the SSO login flow | Brendan Abolivier | 2020-03-02 | 1 | -0/+85 |
* | Implement access token expiry (#5660) | Richard van der Hoff | 2019-07-12 | 1 | -0/+108 |
| | Record how long an access token is valid for, and raise a soft-logout once it expires. | | | | |
* | Run Black on the tests again (#5170) | Amber Brown | 2019-05-10 | 1 | -27/+9 |
* | Add admin api for sending server_notices (#5121) | Richard van der Hoff | 2019-05-02 | 1 | -1/+1 |
* | Move admin api impl to its own package | Richard van der Hoff | 2019-05-01 | 1 | -2/+3 |
| | It doesn't really belong under rest/client/v1 any more. | | | | |
* | Add ratelimiting on failed login attempts (#4865) | Brendan Abolivier | 2019-03-18 | 1 | -0/+45 |
* | Add ratelimiting on login (#4821) | Brendan Abolivier | 2019-03-15 | 1 | -0/+118 |
| | Add two ratelimiters on login (per-IP address and per-userID). | | | | |