summary refs log tree commit diff
path: root/CONTRIBUTING.rst (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-06-06Remove debug logging and make diff nicerAndrew Morgan6-6/+2
2019-06-06lintAndrew Morgan2-3/+12
2019-06-06Fix typo and logic issueAndrew Morgan1-3/+3
2019-06-06We don't support msisdn, geddit?Andrew Morgan1-3/+9
2019-06-06Fix checkers, remove debug loggingAndrew Morgan1-20/+9
2019-06-06Make servlet clearerAndrew Morgan1-3/+3
2019-06-06Fix bugs with databaseAndrew Morgan4-69/+41
2019-06-06Fix clientip bugAndrew Morgan1-1/+6
2019-06-06lintAndrew Morgan1-1/+1
2019-06-06update endpointAndrew Morgan2-3/+10
2019-06-06Send password reset from HS: Sending the email (#5345)Andrew Morgan14-57/+452
* Ability to send password reset emails This changes the default behaviour of Synapse to send password reset emails itself rather than through an identity server. The reasoning behind the change is to prevent a malicious identity server from being able to initiate a password reset attempt and then answering it, successfully resetting their password, all without the user's knowledge. This also aides in decentralisation by putting less trust on the identity server itself, which traditionally is quite centralised. If users wish to continue with the old behaviour of proxying password reset requests through the user's configured identity server, they can do so by setting email.enable_password_reset_from_is to True in Synapse's config. Users should be able that with that option disabled (the default), password resets will now no longer work unless email sending has been enabled and set up correctly. * Fix validation token lifetime email_ prefix * Add changelog * Update manifest to include txt/html template files * Update db * mark jinja2 and bleach as required dependencies * Add email settings to default unit test config * Update unit test template dir * gen sample config * Add html5lib as a required dep * Modify check for smtp settings to be kinder to CI * silly linting rules * Correct html5lib dep version number * one more time * Change template_dir to originate from synapse root dir * Revert "Modify check for smtp settings to be kinder to CI" This reverts commit 6d2d3c9fd3fb5cf2f954cc9ec0929832a3112124. * Move templates. New option to disable password resets * Update templates and make password reset option work * Change jinja2 and bleach back to opt deps * Update email condition requirement * Only import jinja2/bleach if we need it * Update sample config * Revert manifest changes for new res directory * Remove public_baseurl from unittest config * infer ability to reset password from email config * Address review comments * regen sample config * test for ci * Remove CI test * fix bug? * Run bg update on the master process
2019-06-06Run bg update on the master processAndrew Morgan1-5/+5
2019-06-06Move endpoint to _synapseAndrew Morgan5-173/+109
2019-06-06fix bug?Andrew Morgan1-1/+1
2019-06-06Remove CI testAndrew Morgan1-2/+2
2019-06-06