Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add basic editing support | Erik Johnston | 2019-05-16 | 1 | -9/+82 |
| | |||||
* | Check that event is visible in new APIs | Erik Johnston | 2019-05-16 | 1 | -1/+1 |
| | |||||
* | Add aggregations API | Erik Johnston | 2019-05-16 | 1 | -3/+248 |
| | |||||
* | Add simple pagination API | Erik Johnston | 2019-05-15 | 1 | -0/+30 |
| | |||||
* | Add simple send_relation API and track in DB | Erik Johnston | 2019-05-15 | 1 | -0/+98 |
| | |||||
* | Migrate all tests to use the dict-based config format instead of hanging ↵ | Amber Brown | 2019-05-13 | 2 | -23/+34 |
| | | | | items off HomeserverConfig (#5171) | ||||
* | Run Black on the tests again (#5170) | Amber Brown | 2019-05-10 | 1 | -45/+37 |
| | |||||
* | Add admin api for sending server_notices (#5121) | Richard van der Hoff | 2019-05-02 | 4 | -5/+5 |
| | |||||
* | Move admin api impl to its own package | Richard van der Hoff | 2019-05-01 | 4 | -10/+12 |
| | | | | It doesn't really belong under rest/client/v1 any more. | ||||
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Erik Johnston | 2019-04-17 | 1 | -2/+2 |
|\ | | | | | | | babolivier/account_expiration | ||||
| * | Merge pull request #5047 from matrix-org/babolivier/account_expiration | Brendan Abolivier | 2019-04-17 | 1 | -1/+99 |
| |\ | | | | | | | Send out emails with links to extend an account's validity period | ||||
| * \ | Merge pull request #5027 from matrix-org/babolivier/account_expiration | Brendan Abolivier | 2019-04-09 | 1 | -2/+49 |
| |\ \ | | | | | | | | | Add time-based account expiration | ||||
| * | | | Collect room-version variations into one place (#4969) | Richard van der Hoff | 2019-04-01 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions. | ||||
* | | | | Add management endpoints for account validity | Brendan Abolivier | 2019-04-17 | 1 | -8/+87 |
| |_|/ |/| | | |||||
* | | | Send out emails with links to extend an account's validity period | Brendan Abolivier | 2019-04-17 | 1 | -1/+99 |
| |/ |/| | |||||
* | | Add account expiration feature | Brendan Abolivier | 2019-04-09 | 1 | -2/+49 |
|/ | |||||
* | Fix registration test | Richard van der Hoff | 2019-03-19 | 1 | -1/+2 |
| | | | | | * Set allow_guest_access = True, since we rely on it * config doesn't have a `hostname` attribute; it is `server_name` | ||||
* | Add ratelimiting on login (#4821) | Brendan Abolivier | 2019-03-15 | 1 | -2/+4 |
| | | | Add two ratelimiters on login (per-IP address and per-userID). | ||||
* | Add rate-limiting on registration (#4735) | Brendan Abolivier | 2019-03-05 | 1 | -0/+48 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test | ||||
* | Move register_device into handler | Erik Johnston | 2019-02-18 | 1 | -70/+23 |
| | |||||
* | Fix unit tests | Erik Johnston | 2019-02-18 | 1 | -6/+15 |
| | |||||
* | rework format of change password capability | Neil Johnson | 2019-01-29 | 1 | -2/+2 |
| | |||||
* | support change_password in capabilities end-point | Neil Johnson | 2019-01-29 | 1 | -0/+23 |
| | |||||
* | isort | Neil Johnson | 2019-01-29 | 1 | -1/+2 |
| | |||||
* | enforce auth for capabilities endpoint | Neil Johnson | 2019-01-29 | 1 | -4/+19 |
| | |||||
* | Support room version capabilities in CS API (MSC1804) | Neil Johnson | 2019-01-25 | 1 | -0/+39 |
| | |||||
* | Fix fallback auth on Python 3 (#4197) | Amber Brown | 2018-11-19 | 1 | -0/+104 |
| | |||||
* | Remove some boilerplate in tests (#4156) | Amber Brown | 2018-11-07 | 2 | -95/+52 |
| | |||||
* | Fix typing being reset causing infinite syncs (#4127) | Amber Brown | 2018-11-03 | 1 | -0/+123 |
| | |||||
* | Port tests/ to Python 3 (#3808) | Amber Brown | 2018-09-07 | 1 | -7/+1 |
| | |||||
* | Integrate presence from hotfixes (#3694) | Amber Brown | 2018-08-18 | 1 | -46/+33 |
| | |||||
* | Fix the tests | Amber Brown | 2018-08-15 | 3 | -35/+19 |
| | |||||
* | Run tests under PostgreSQL (#3423) | Amber Brown | 2018-08-13 | 3 | -3/+3 |
| | |||||
* | Run black. | black | 2018-08-10 | 1 | -13/+4 |
| | |||||
* | Test fixes for Python 3 (#3647) | Amber Brown | 2018-08-09 | 3 | -20/+20 |
| | |||||
* | Move v1-only APIs into their own module & isolate deprecated ones (#3460) | Amber Brown | 2018-07-19 | 2 | -4/+12 |
| | |||||
* | Refactor REST API tests to use explicit reactors (#3351) | Amber Brown | 2018-07-17 | 4 | -208/+276 |
| | |||||
* | run isort | Amber Brown | 2018-07-09 | 3 | -15/+14 |
| | |||||
* | mock registrations_require_3pid | Matthew Hodgson | 2018-01-19 | 1 | -0/+1 |
| | |||||
* | Refactor UI auth implementation | Richard van der Hoff | 2017-12-05 | 1 | -4/+7 |
| | | | | | Instead of returning False when auth is incomplete, throw an exception which can be caught with a wrapper. | ||||
* | Fix test | David Baker | 2017-10-17 | 1 | -0/+1 |
| | |||||
* | use jsonschema.FormatChecker for RoomID and UserID strings | pik | 2017-03-23 | 1 | -2/+2 |
| | | | | | | * use a valid filter in rest/client/v2_alpha test Signed-off-by: pik <alexander.maznev@gmail.com> | ||||
* | Stop generating refresh tokens | Richard van der Hoff | 2016-11-28 | 1 | -8/+4 |
| | | | | | | | Since we're not doing refresh tokens any more, we should start killing off the dead code paths. /tokenrefresh itself is a bit of a thornier subject, since there might be apps out there using it, but we can at least not generate refresh tokens on new logins. | ||||
* | Merge pull request #1098 from matrix-org/markjh/bearer_token | Mark Haines | 2016-10-25 | 1 | -0/+2 |
|\ | | | | | Allow clients to supply access_tokens as headers | ||||
| * | Fix unit tests | Mark Haines | 2016-09-12 | 1 | -0/+2 |
| | | |||||
* | | Merge pull request #1164 from pik/error-codes | Erik Johnston | 2016-10-19 | 1 | -40/+87 |
|\ \ | | | | | | | Clarify Error codes for GET /filter/ | ||||
| * | | Refactor test_filter to use real DataStore | pik | 2016-10-18 | 1 | -43/+81 |
| | | | | | | | | | | | | * add tests for filter api errors | ||||
| * | | Error codes for filters | Alexander Maznev | 2016-10-14 | 1 | -3/+12 |
| |/ | | | | | | | | | | | * add tests Signed-off-by: Alexander Maznev <alexander.maznev@gmail.com> | ||||
* / | storage/appservice: make appservice methods only relying on the cache ↵ | Patrik Oldsberg | 2016-10-06 | 1 | -1/+1 |
|/ | | | | synchronous | ||||
* | Implement deleting devices | Richard van der Hoff | 2016-07-26 | 1 | -4/+10 |
| | |||||
* | Register a device_id in the /v2/register flow. | Richard van der Hoff | 2016-07-20 | 1 | -3/+10 |
| | | | | | | | | | | This doesn't cover *all* of the registration flows, but it does cover the most common ones: in particular: shared_secret registration, appservice registration, and normal user/pass registration. Pull device_id from the registration parameters. Register the device in the devices table. Associate the device with the returned access and refresh tokens. Profit. | ||||
* | Further registration refactoring | Richard van der Hoff | 2016-07-19 | 1 | -1/+5 |
| | | | | | | | | | | | | | | * `RegistrationHandler.appservice_register` no longer issues an access token: instead it is left for the caller to do it. (There are two of these, one in `synapse/rest/client/v1/register.py`, which now simply calls `AuthHandler.issue_access_token`, and the other in `synapse/rest/client/v2_alpha/register.py`, which is covered below). * In `synapse/rest/client/v2_alpha/register.py`, move the generation of access_tokens into `_create_registration_details`. This means that the normal flow no longer needs to call `AuthHandler.issue_access_token`; the shared-secret flow can tell `RegistrationHandler.register` not to generate a token; and the appservice flow continues to work despite the above change. | ||||
* | rest/client/v2_alpha/register.py: Refactor flow somewhat. | Richard van der Hoff | 2016-07-19 | 1 | -1/+2 |
| | | | | | | | | | | | This is meant to be an *almost* non-functional change, with the exception that it fixes what looks a lot like a bug in that it only calls `auth_handler.add_threepid` and `add_pusher` once instead of three times. The idea is to move the generation of the `access_token` out of `registration_handler.register`, because `access_token`s now require a device_id, and we only want to generate a device_id once registration has been successful. | ||||
* | Split out the auth handler | David Baker | 2016-06-02 | 1 | -1/+1 |
| | |||||
* | Fix tests | David Baker | 2016-03-16 | 1 | -4/+5 |
| | |||||
* | Flake8 fix | blide | 2016-03-10 | 1 | -6/+6 |
| | |||||
* | Register endpoint returns refresh_token | blide | 2016-03-10 | 1 | -12/+18 |
| | | | | Guest registration still doesn't return refresh_token | ||||
* | Fix tests | David Baker | 2016-03-07 | 1 | -2/+2 |
| | |||||
* | Fix flake8 warnings for tests | Mark Haines | 2016-02-19 | 3 | -14/+11 |
| | |||||
* | Rename config field to reflect yaml name | Daniel Wagner-Hall | 2016-02-03 | 1 | -2/+2 |
| | |||||
* | copyrights | Matthew Hodgson | 2016-01-07 | 2 | -2/+2 |
| | |||||
* | Allow guests to register and call /events?room_id= | Daniel Wagner-Hall | 2015-11-04 | 1 | -1/+2 |
| | | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices. | ||||
* | s/user_id/user/g for consistency | Daniel Wagner-Hall | 2015-09-01 | 1 | -1/+1 |
| | |||||
* | Attempt to validate macaroons | Daniel Wagner-Hall | 2015-08-26 | 1 | -2/+2 |
| | | | | | | | | | | | | | A couple of weird caveats: * If we can't validate your macaroon, we fall back to checking that your access token is in the DB, and ignoring the failure * Even if we can validate your macaroon, we still have to hit the DB to get the access token ID, which we pretend is a device ID all over the codebase. This mostly adds the interesting code, and points out the two pieces we need to delete (and necessary conditions) in order to fix the above caveats. | ||||
* | Stop looking up "admin", which we never read | Daniel Wagner-Hall | 2015-08-25 | 1 | -1/+0 |
| | |||||
* | Remove completely unused concepts from codebase | Daniel Wagner-Hall | 2015-08-25 | 1 | -1/+0 |
| | | | | | | | | | | Removes device_id and ClientInfo device_id is never actually written, and the matrix.org DB has no non-null entries for it. Right now, it's just cluttering up code. This doesn't remove the columns from the database, because that's fiddly. | ||||
* | Merge branch 'develop' into refresh | Daniel Wagner-Hall | 2015-08-20 | 1 | -1/+2 |
|\ | | | | | | | | | Conflicts: synapse/rest/client/v1/login.py | ||||
| * | Fix tests | David Baker | 2015-08-04 | 1 | -1/+2 |
| | | |||||
* | | s/by_token/by_access_token/g | Daniel Wagner-Hall | 2015-08-20 | 1 | -2/+2 |
|/ | | | | We're about to have two kinds of token, access and refresh | ||||
* | Use the same reg paths as register v1 for ASes. | Kegan Dougal | 2015-07-29 | 1 | -1/+3 |
| | | | | Namely this means using registration_handler.appservice_register. | ||||
* | Fix v2_alpha registration. Add unit tests. | Kegan Dougal | 2015-07-28 | 1 | -0/+132 |
| | | | | | | | | V2 Registration forced everyone (including ASes) to create a password for a user, when ASes should be able to omit passwords. Also unbreak AS registration in general which checked too early if the given username was claimed by an AS; it was checked before knowing if the AS was the one doing the registration! Add unit tests for AS reg, user reg and disabled_registration flag. | ||||
* | Merge branch 'develop' into application-services | Kegan Dougal | 2015-02-11 | 1 | -8/+5 |
|\ | |||||
| * | Factor out some of the common homeserver setup code into a | Mark Haines | 2015-02-11 | 1 | -8/+5 |
| | | | | | | | | setup_test_homeserver function in utils. | ||||
* | | Modify auth.get_user_by_req for authing appservices directly. | Kegan Dougal | 2015-02-09 | 1 | -1/+3 |
|/ | | | | | | Add logic to map the appservice token to the autogenned appservice user ID. Add unit tests for all forms of get_user_by_req (user/appservice, valid/bad/missing tokens) | ||||
* | Merge in auth changes from develop | Mark Haines | 2015-01-29 | 1 | -0/+1 |
| | |||||
* | More unit-testing of REST errors | Paul "LeoNerd" Evans | 2015-01-27 | 1 | -1/+35 |
| | |||||
* | Move storage of user filters into real datastore layer; now have to mock it ↵ | Paul "LeoNerd" Evans | 2015-01-27 | 2 | -3/+27 |
| | | | | out in the REST-level tests | ||||
* | Use new V2AlphaRestTestCase | Paul "LeoNerd" Evans | 2015-01-27 | 1 | -38/+2 |
| | |||||
* | Merge branch 'develop' into client_v2_filter | Paul "LeoNerd" Evans | 2015-01-27 | 1 | -0/+45 |
|\ | |||||
| * | Initial cut of a shared base class for REST unit tests | Paul "LeoNerd" Evans | 2015-01-27 | 1 | -0/+45 |
| | | |||||
* | | Minor changes to v2_alpha filter REST test to allow the setUp method to be ↵ | Paul "LeoNerd" Evans | 2015-01-27 | 1 | -5/+7 |
| | | | | | | | | shareable | ||||
* | | Initial trivial REST test of v2_alpha filter API | Paul "LeoNerd" Evans | 2015-01-26 | 1 | -0/+74 |
|/ | |||||
* | Create (empty) v2_alpha REST tests directory | Paul "LeoNerd" Evans | 2015-01-26 | 1 | -0/+15 |