summary refs log tree commit diff
path: root/synapse/api/auth.py (follow)
Commit message (Expand)AuthorAgeFilesLines
* run isortAmber Brown2018-07-091-3/+4
* add ip_range_whitelist parameter to limit where ASes can connect fromMatthew Hodgson2018-06-281-0/+6
* Don't print invalid access tokens in the logsTravis Ralston2018-06-241-2/+2
* Refactor get_send_level to take a power_levels eventRichard van der Hoff2018-06-141-1/+1
* Consistently use six's iteritems and wrap lazy keys/values in list() if they'...Amber Brown2018-05-311-1/+3
* replacing portionsAmber Brown2018-05-211-1/+1
* Add b prefixes to some strings that are bytes in py3Adrian Tschira2018-04-041-5/+5
* Improve comments on get_user_by_access_tokenRichard van der Hoff2017-11-291-1/+5
* Add a config option to block all room invites (#2457)Richard van der Hoff2017-09-191-0/+8
* Merge pull request #2309 from matrix-org/erikj/user_ip_replErik Johnston2017-07-061-1/+1
|\
| * Fix upErik Johnston2017-06-271-1/+1
* | Cache macaroon parse and validationErik Johnston2017-06-291-13/+60
|/
* Batch upsert user ipsErik Johnston2017-06-271-2/+1
* Change is_host_joined to use current_state tableErik Johnston2017-06-091-11/+2
* Fix a couple of logcontext leaksRichard van der Hoff2017-03-231-3/+2
* Change resolve_state_groups call site logging to DEBUGErik Johnston2017-01-171-1/+1
* Remove unused functionErik Johnston2017-01-131-3/+0
* Split event auth code into seperate moduleErik Johnston2017-01-131-645/+9
* Split out static auth methods from Auth objectErik Johnston2017-01-101-419/+495
* Fix flake8 and update changelog v0.18.6-rc3Mark Haines2017-01-051-1/+1
* add logging for all the places we call resolve_state_groups. my kingdom for a...Matthew Hodgson2017-01-051-0/+1
* Prevent user tokens being used as guest tokens (#1675)Richard van der Hoff2016-12-061-15/+36
* Rip out more refresh_token codeRichard van der Hoff2016-11-301-3/+2
* Merge pull request #1656 from matrix-org/rav/remove_time_caveatRichard van der Hoff2016-11-301-3/+13
|\
| * CommentsRichard van der Hoff2016-11-301-3/+9
| * Stop putting a time caveat on access tokensRichard van der Hoff2016-11-291-0/+4
* | Merge pull request #1653 from matrix-org/rav/guest_e2eRichard van der Hoff2016-11-291-1/+5
|\ \ | |/ |/|
| * Give guest users a device_idRichard van der Hoff2016-11-251-1/+5
* | Remove redundant list of known caveat prefixesRichard van der Hoff2016-11-241-26/+8
|/
* Merge pull request #1098 from matrix-org/markjh/bearer_tokenMark Haines2016-10-251-9/+37
|\
| * Fix unit testsMark Haines2016-09-121-1/+1
| * Allow clients to supply access_tokens as headersMark Haines2016-09-091-9/+37
* | Closing brace on following lineLuke Barnard2016-10-201-1/+2
* | as_user->app_service, less redundant comments, better positioned commentsLuke Barnard2016-10-201-3/+3
* | flake8Luke Barnard2016-10-201-1/+3
* | Use real AS object by passing it through the requesterLuke Barnard2016-10-201-7/+7
* | Merge pull request #1157 from Rugvip/nolimitErik Johnston2016-10-111-4/+3
|\ \
| * | storage/appservice: make appservice methods only relying on the cache synchro...Patrik Oldsberg2016-10-061-4/+3
* | | api/auth: fix for not being allowed to set your own state_keyPatrik Oldsberg2016-09-301-10/+0
|/ /
* | Update commentsErik Johnston2016-09-221-2/+3
* | Add commentsErik Johnston2016-09-221-0/+3
* | Shuffle things around to make unit tests workErik Johnston2016-09-221-14/+15
* | Allow invites via 3pid to bypass sender sig checkErik Johnston2016-09-221-1/+16
|/
* Add helper function for getting access_tokens from requestsMark Haines2016-09-091-7/+51
* Handle the fact that workers can't generate state groupsErik Johnston2016-08-311-2/+4
* Correctly handle the difference between prev and current stateErik Johnston2016-08-311-2/+2
* Cache check_host_in_roomErik Johnston2016-08-261-14/+6
* Add measure on check_host_in_roomErik Johnston2016-08-261-11/+12
* Pull out full state lessErik Johnston2016-08-251-6/+7
* Replace context.current_state with context.current_state_idsErik Johnston2016-08-251-24/+44
* Fix login with m.login.tokenRichard van der Hoff2016-08-081-15/+30
* Merge pull request #952 from matrix-org/markjh/more_fixesMark Haines2016-07-261-0/+4
|\
| * Check if the user is banned when handling 3pid invitesMark Haines2016-07-261-0/+4
* | Add `create_requester` functionRichard van der Hoff2016-07-261-13/+11
|/
* Record device_id in client_ipsRichard van der Hoff2016-07-201-6/+23
* More doc-commentsRichard van der Hoff2016-07-201-3/+2
* Fix 500 ISE when sending alias event without a state_keyMark Haines2016-07-151-0/+5
* Merge pull request #919 from matrix-org/erikj/auth_fixErik Johnston2016-07-151-1/+25
|\
| * Check sender signed eventErik Johnston2016-07-141-2/+8
| * Check if alias event's state_key matches sender's domainErik Johnston2016-07-131-0/+11
| * Check creation event's room_id domain matches sender'sErik Johnston2016-07-131-0/+7
* | Bug fix: expire invalid access tokensNegar Fazeli2016-07-131-0/+3
|/
* Fix bug where we did not correctly explode when multiple user_ids were set in...Erik Johnston2016-07-071-5/+10
* Working unsubscribe links going straight to the HSDavid Baker2016-06-021-0/+7
* Merge remote-tracking branch 'origin/develop' into dbkr/email_unsubscribeDavid Baker2016-06-021-0/+18
|\
| * special case m.room.third_party_invite event auth to match invites, otherwise...Matthew Hodgson2016-06-011-0/+18
* | WIP on unsubscribing email notifs without logging inDavid Baker2016-06-011-9/+16
|/
* Spell "domain" correctlyMark Haines2016-05-161-8/+8
* Create user with expiryNegi Fazeli2016-05-131-1/+2
* Add and use get_domian_from_idErik Johnston2016-05-091-8/+8
* Measure Auth.checkErik Johnston2016-04-131-47/+50
* Don't auto log failed auth checksErik Johnston2016-04-131-53/+45
* Add published room list edit APIErik Johnston2016-03-211-4/+50
* Send the user ID matching the guest access token, since there is no Matrix AP...David Baker2016-03-071-2/+2
* Allow third_party_signed to be specified on /joinDaniel Wagner-Hall2016-02-231-21/+36
* Fix up logcontextsErik Johnston2016-02-081-1/+3
* Log more diagnostics for unrecognised access tokensDaniel Wagner-Hall2016-02-021-0/+2
* Fix flake8 warnings for new flake8Daniel Wagner-Hall2016-02-021-1/+1
* Don't error on AS non-ghost user useDaniel Wagner-Hall2016-01-181-0/+2
* Pull out app service user lookupDaniel Wagner-Hall2016-01-181-31/+28
* Require AS users to be registered before useDaniel Wagner-Hall2016-01-131-0/+5
* Introduce a Requester objectDaniel Wagner-Hall2016-01-111-3/+5
* Allow guests to upgrade their accountsDaniel Wagner-Hall2016-01-051-3/+3
* Strip address and such out of 3pid invitesDaniel Wagner-Hall2015-12-171-1/+1
* Allow user to redact with an equal powerErik Johnston2015-11-261-1/+1
* Merge branch 'develop' into daniel/forgetroomsPaul "LeoNerd" Evans2015-11-191-8/+17
|\
| * Take a boolean not a list of lambdasDaniel Wagner-Hall2015-11-191-8/+17
* | Allow users to forget roomsDaniel Wagner-Hall2015-11-171-0/+7
|/
* Always check guest = true in macaroonsSteven Hammerton2015-11-171-1/+2
* Share more code between macaroon validationSteven Hammerton2015-11-111-9/+10
* Exchange 3pid invites for m.room.member invitesDaniel Wagner-Hall2015-11-051-35/+38
* Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-041-41/+54
* Reject events which are too largeDaniel Wagner-Hall2015-10-221-1/+21
* Allow rejecting invitesDaniel Wagner-Hall2015-10-201-1/+5
* Stuff signed data in a standalone objectDaniel Wagner-Hall2015-10-161-7/+14
* Add signing host and keyname to signaturesDaniel Wagner-Hall2015-10-161-5/+9
* Verify third party ID server certificatesDaniel Wagner-Hall2015-10-161-0/+11
* Remove unnecessary class-wrappingDaniel Wagner-Hall2015-10-131-3/+3
* Add some docstringDaniel Wagner-Hall2015-10-131-0/+15
* Move event contents into third_party_layout fieldDaniel Wagner-Hall2015-10-131-9/+12
* Add third party invites to auth_events for joinsDaniel Wagner-Hall2015-10-061-0/+5
* Merge branch 'develop' into daniel/3pidinvitesDaniel Wagner-Hall2015-10-051-1/+24
|\
| * Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatableErik Johnston2015-10-021-3/+140
| |\
| * \ Merge branch 'develop' of github.com:matrix-org/synapse into erikj/unfederatableErik Johnston2015-09-141-8/+27
| |\ \
| * | | Also check the domains for membership state_keysErik Johnston2015-09-011-0/+9
| * | | Merge branch 'erikj/check_room_exists' into erikj/unfederatableErik Johnston2015-09-011-0/+8
| |\ \ \
| * | | | Check against sender rather than event_idErik Johnston2015-09-011-3/+3
| * | | | Add flag which disables federation of the roomErik Johnston2015-09-011-1/+15
* | | | | Implement third party identifier invitesDaniel Wagner-Hall2015-10-011-1/+32
| |_|_|/ |/| | |
* | | | Merge pull request #276 from matrix-org/markjh/history_for_rooms_that_have_be...Mark Haines2015-09-211-0/+51
|\ \ \ \
| * | | | Clarify which event is returned by check_user_was_in_roomMark Haines2015-09-211-2/+3
| * | | | Allow rooms/{roomId}/state for a room that has been leftMark Haines2015-09-091-1/+2
| * | | | Allow room initialSync for users that have left the room, returning a snapsho...Mark Haines2015-09-091-0/+49
* | | | | Merge pull request #256 from matrix-org/authDaniel Wagner-Hall2015-09-141-3/+89
|\ \ \ \ \ | |_|_|_|/ |/| | | |
| * | | | s/user_id/user/g for consistencyDaniel Wagner-Hall2015-09-011-10/+10
| * | | | Attempt to validate macaroonsDaniel Wagner-Hall2015-08-261-9/+95
| | |/ / | |/| |
* | | | Merge pull request #265 from matrix-org/erikj/check_room_existsErik Johnston2015-09-141-0/+8
|\ \ \ \ | |_|/ / |/| | / | | |/ | |/|
| * | Fix testsErik Johnston2015-09-011-1/+1
| * | Check room exists when authenticating an event, by asserting they reference a...Erik Johnston2015-09-011-0/+8
| |/
* | Check domain of events properlyDaniel Wagner-Hall2015-09-011-1/+3
* | Allow users to redact their own eventsDaniel Wagner-Hall2015-08-281-8/+25
|/
* Stop looking up "admin", which we never readDaniel Wagner-Hall2015-08-251-3/+1
* Re-wrap lineDaniel Wagner-Hall2015-08-251-3/+1
* Remove completely unused concepts from codebaseDaniel Wagner-Hall2015-08-251-10/+7
* s/by_token/by_access_token/gDaniel Wagner-Hall2015-08-201-3/+3
* Set request.authenticated_entity for application servicesErik Johnston2015-08-181-0/+3
* Add missing space because linterDaniel Wagner-Hall2015-08-111-1/+1
* Minor docs cleanupDaniel Wagner-Hall2015-08-111-2/+7
* Remove redundant if-guardDaniel Wagner-Hall2015-08-111-13/+12
* Merge branch 'develop' of github.com:matrix-org/synapse into erikj/power_leve...Erik Johnston2015-07-131-1/+2
|\
| * Add m.room.history_visibility to newly created rooms' m.room.power_levelsErik Johnston2015-07-061-0/+1
| * Add m.room.history_visibility to list of auth eventsErik Johnston2015-07-031-1/+1
* | Sanitize power level checksErik Johnston2015-07-101-15/+21
* | You shouldn't be able to ban/kick users with higher power levelsErik Johnston2015-07-101-2/+5
|/
* Log more when we have processed the requestErik Johnston2015-06-151-0/+2
* TypoErik Johnston2015-05-011-1/+1
* Remove some run_on_reactorsErik Johnston2015-05-011-3/+0
* Don't log all auth events every time we call auth.checkErik Johnston2015-05-011-1/+4
* Don't wait for storage of access_tokenErik Johnston2015-05-011-1/+1
* Merge pull request #126 from matrix-org/csauthMark Haines2015-04-281-19/+27
|\
| * Merge branch 'develop' into csauthDavid Baker2015-04-241-58/+30
| |\
| * | Add an error code to 'missing token' response.David Baker2015-04-231-1/+2
| * | Merge branch 'develop' into csauthDavid Baker2015-04-171-14/+11
| |\ \
| * | | unused importDavid Baker2015-03-241-1/+1
| * | | 1) Pushers are now associated with an access tokenDavid Baker2015-03-241-18/+25
* | | | Merge branch 'develop' into invite_power_levelPaul "LeoNerd" Evans2015-04-271-36/+12
|\ \ \ \ | | |_|/ | |/| |
| * | | Neater fetching of user's auth level in a room - squash to int() at access ti...Paul "LeoNerd" Evans2015-04-221-35/+12
| * | | Appease pep8Paul "LeoNerd" Evans2015-04-221-1/+0
* | | | Also remember to check 'invite' level for changesPaul "LeoNerd" Evans2015-04-211-0/+1
* | | | Initial implementation of an 'invite' power_levelPaul "LeoNerd" Evans2015-04-211-0/+7
|/ / /
* | | Much neater fetching of defined powerlevels from m.room.power_levels state eventPaul "LeoNerd" Evans2015-04-211-31/+21
* | | Remove debugging print statement accidentally committedPaul "LeoNerd" Evans2015-04-211-1/+0
* | | Sanitise a user's powerlevel to an int() before numerical comparison, because...Paul "LeoNerd" Evans2015-04-211-0/+7
| |/ |/|
* | Neater implementation of membership change auth checks, ensuring we can't for...Paul "LeoNerd" Evans2015-04-151-18/+10
* | Ensure that non-room-members cannot ban others, even if they do have enough p...Paul "LeoNerd" Evans2015-04-151-0/+5
* | Fix a bug which causes a send event level of 0 to not be honoured.Kegan Dougal2015-04-071-1/+1
|/
* @cached() annotate get_user_by_token() - achieves a minor DB performance impr...Paul "LeoNerd" Evans2015-03-171-1/+1
* Remove concept of context.auth_events, instead use context.current_stateErik Johnston2015-03-161-6/+0
* Make context.auth_events grap auth events from current state. Otherwise auth ...Erik Johnston2015-03-161-1/+7
* Respect ban membershipErik Johnston2015-03-161-5/+17
* Merge branch 'develop' into application-servicesKegan Dougal2015-02-111-7/+14
|\
| * During room intial sync, only calculate current state once.Erik Johnston2015-02-091-7/+14
* | Modify auth.get_user_by_req for authing appservices directly.Kegan Dougal2015-02-091-18/+16
* | Grant ASes the ability to create alias in their own namespace.Kegan Dougal2015-02-061-0/+12
* | Fix unit tests.Kegan Dougal2015-02-051-0/+6
* | Add CS extension for masquerading as users within the namespaces specified by...Kegan Dougal2015-02-051-0/+23
|/
* Change context.auth_events to what the auth_events would be bases on context....Erik Johnston2015-02-041-6/+6
* Keep around the old (buggy) version of the prune_event function so that we ca...Erik Johnston2015-02-031-2/+0
* Fix bug where we superfluously asked for current state. Change API of /query_...Erik Johnston2015-01-301-0/+2
* Merge branch 'develop' of github.com:matrix-org/synapse into rejectionsErik Johnston2015-01-301-3/+8
|\
| * Rename ClientID to ClientInfo since it is a pair of IDs rather than a single ...Mark Haines2015-01-281-2/+2
| * Add a : to the doc string after the type of the return valueMark Haines2015-01-281-1/+1
| * Extract the id token of the token when authing users, include the token and d...Mark Haines2015-01-281-3/+5
| * Return the device_id from get_auth_by_reqMark Haines2015-01-281-2/+5
* | Start implementing auth conflict resErik Johnston2015-01-281-17/+21
|/
* Replace hs.parse_userid with UserID.from_stringMark Haines2015-01-231-4/+5
* SYN-154: Tweak how the m.room.create check is done.Kegan Dougal2015-01-071-10/+1
* SYN-154: Better error messages when joining an unknown room by ID.Kegan Dougal2015-01-071-1/+10
* Update copyright noticesMark Haines2015-01-061-1/+1
* Make auth module use EventTypes constantsErik Johnston2014-12-121-27/+23
* Fix stream test. Make sure we add join to auth_events for invitiationsErik Johnston2014-12-121-0/+6
* Remove unused importErik Johnston2014-12-081-1/+0
* Various typos and bug fixes.Erik Johnston2014-12-081-7/+9
* Start making more things use EventContext rather than event.*Erik Johnston2014-12-051-13/+20
* Begin converting things to use the new Event structureErik Johnston2014-12-041-9/+2
* WIP for new way of managing events.Erik Johnston2014-12-031-6/+7
* Fix bugs when joining a remote room that has dodgy event graphs. This should ...Erik Johnston2014-11-271-2/+8
* Fix bugs in invite/join dances.Erik Johnston2014-11-251-70/+68
* Add missing None checkErik Johnston2014-11-241-1/+1
* Fix pep8 codestyle warningsMark Haines2014-11-201-1/+1
* Only users can set state events which have their own user_idErik Johnston2014-11-191-0/+20
* Null check when determining default power levelsMark Haines2014-11-181-1/+2
* Fix auth to correctly handle initial creation of roomsErik Johnston2014-11-181-3/+21
* Fix bugs with invites/joins across federatiom.Erik Johnston2014-11-121-3/+16
* Add an EventValidator. Fix bugs in auth ++ storageErik Johnston2014-11-101-5/+11
* PEP8Erik Johnston2014-11-101-2/+1
* Fix backfill to work. Add auth to backfill requestErik Johnston2014-11-101-0/+6
* Notify users about invites.Erik Johnston2014-11-101-7/+9
* Fix invite authErik Johnston2014-11-101-3/+5
* Fix joining over federationErik Johnston2014-11-071-2/+51
* Start implementing auth chainsErik Johnston2014-11-071-2/+1
* Neaten things up a bitErik Johnston2014-11-071-5/+2
* Amalgamate all power levels.Erik Johnston2014-11-061-149/+72
* Fix auth checks to all use the given old_event_stateErik Johnston2014-11-051-24/+31
* Fix bug in redaction auth.Erik Johnston2014-10-311-2/+2
* Fix bug where people could join private roomsErik Johnston2014-10-171-39/+47
* Use state groups to get current state. Make join dance actually work.Erik Johnston2014-10-171-0/+5
* Finish implementing the new join dance.Erik Johnston2014-10-171-0/+9
* Start implementing the invite/join dance. Continue moving auth to use event.s...Erik Johnston2014-10-161-10/+6
* Begin making auth use event.old_state_eventsErik Johnston2014-10-151-43/+70
* Update docstringErik Johnston2014-09-291-1/+1
* SYN-48: Implement WHOIS rest servletErik Johnston2014-09-291-9/+19
* Add auth check to test if a user is an admin or not.Erik Johnston2014-09-291-0/+3
* SYN-48: Track User-Agents as well as IPs for client devices.Erik Johnston2014-09-291-1/+10
* Track the IP users connect with. Add an admin column to users table.Erik Johnston2014-09-261-1/+9
* Merge branch 'deletions' of github.com:matrix-org/synapse into developErik Johnston2014-09-251-3/+31
|\
| * Rename deletions to redactionsErik Johnston2014-09-241-9/+9
| * SYN-12: Implement auth for deletion by adding a 'delete_level' on the ops lev...Erik Johnston2014-09-231-3/+31
* | SYN-70: And fix another bug where I can't typeErik Johnston2014-09-241-1/+1
* | SYN-70: Fix typoErik Johnston2014-09-241-1/+1
|/
* Validate power levels event changes. Change error messages to be more helpful...Erik Johnston2014-09-051-10/+37
* Generate m.room.aliases event when the HS creates a room aliasErik Johnston2014-09-051-1/+6
* AUth the contents of power level eventsErik Johnston2014-09-051-1/+72
* Change the default power levels to be 0, 50 and 100Erik Johnston2014-09-051-2/+2
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org has...Matthew Hodgson2014-09-031-1/+1
* Fix bug where we didn't correctly store the ops power levels event.Erik Johnston2014-09-021-0/+5
* Implement auth for kicking.Erik Johnston2014-09-021-3/+10
* Add all the necessary checks to make banning work.Erik Johnston2014-09-011-2/+38
* Add beginnings of ban support.Erik Johnston2014-09-011-0/+19
* Implement power level lists, default power levels and send_evnet_level/add_st...Erik Johnston2014-09-011-12/+84
* add _get_room_member, fix datastore methodsMark Haines2014-08-271-1/+3
* Merge branch 'develop' into storage_transactionsMark Haines2014-08-271-0/+2
|\
| * Modified /join/$identifier to support $identifier being a room ID in addition...Kegan Dougal2014-08-271-0/+2
* | Merge branch 'develop' into storage_transactionsMark Haines2014-08-261-19/+20
|\|
| * Fix pyflakes errorsMark Haines2014-08-261-2/+1
| * Removed member list servlet: now using generic state paths.Kegan Dougal2014-08-261-5/+7
| * Impl: /rooms/roomid/state/eventtype/state_key - Renamed RoomTopicRestServlet ...Kegan Dougal2014-08-221-8/+8
* | Take a snapshot of the state of the room before performing updatesMark Haines2014-08-221-5/+11
|/
* Added M_UNKNOWN_TOKEN error code and send it when there is an unrecognised ac...Kegan Dougal2014-08-141-2/+3
* fix whitespaceMatthew Hodgson2014-08-141-0/+1
* add in whitespace after copyright statements to improve legibilityMatthew Hodgson2014-08-131-0/+1
* Reference Matrix Home Servermatrix.org2014-08-121-0/+164