path: root/synapse/handlers/auth.py

Commit message [Author; Age; Files; Lines]

* Make select more sensible when deleting access tokens, rename pusher deletion to match access token deletion and make exception arg optional. [David Baker; 2016-03-11; 1; -1/+1]
* Delete old, unused methods and rename new one to just be `user_delete_access_tokens` with an `except_token_ids` argument doing what it says on the tin. [David Baker; 2016-03-11; 1; -1/+1]
* Dear PyCharm, please indent sensibly for me. Thx. [David Baker; 2016-03-11; 1; -2/+2]
* Fix cache invalidation so deleting access tokens (which we did when changing password) actually takes effect without HS restart. Reinstate the code to avoid logging out the session that changed the password, removed in 415c2f05491ce65a4fc34326519754cd1edd9c54 [David Baker; 2016-03-11; 1; -4/+9]
* Stop using checkpw as it seems to have vanished from bcrypt. Use `bcrypt.hashpw(password, hashed) == hashed` as per the bcrypt README. [David Baker; 2016-03-02; 1; -1/+1]
* Allow guests to upgrade their accounts [Daniel Wagner-Hall; 2016-01-05; 1; -3/+3]
* Take a boolean not a list of lambdas [Daniel Wagner-Hall; 2015-11-19; 1; -1/+1]
* Minor review fixes [Steven Hammerton; 2015-11-11; 1; -4/+4]
* Share more code between macaroon validation [Steven Hammerton; 2015-11-11; 1; -48/+7]
* Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response [Steven Hammerton; 2015-11-05; 1; -3/+73]
* Allow guests to register and call /events?room_id= [Daniel Wagner-Hall; 2015-11-04; 1; -1/+4]
|   This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices.
* Add config for how many bcrypt rounds to use for password hashes [Mark Haines; 2015-10-16; 1; -1/+2]
|   By default we leave it at the default value of 12. But now we can reduce it for preparing users for loadtests or running integration tests.
* Formatting changes [Steven Hammerton; 2015-10-10; 1; -1/+2]
* Provide ability to login using CAS [Steven Hammerton; 2015-10-10; 1; -0/+31]
* Allow configuration to ignore invalid SSL certs [Daniel Wagner-Hall; 2015-09-09; 1; -2/+1]
|   This will be useful for sytest, and sytest only, hence the aggressive config key name.
* Swap out bcrypt for md5 in tests [Daniel Wagner-Hall; 2015-08-26; 1; -2/+25]
|   This reduces our ~8 second sequential test time down to ~7 seconds
* Merge erikj/user_dedup to develop [Daniel Wagner-Hall; 2015-08-26; 1; -8/+31]
* Fix bad merge [Daniel Wagner-Hall; 2015-08-20; 1; -8/+1]
* Fix indentation [Daniel Wagner-Hall; 2015-08-20; 1; -1/+2]
* Fix flake8 warnings [Daniel Wagner-Hall; 2015-08-20; 1; -4/+6]
* Merge branch 'auth' into refresh [Daniel Wagner-Hall; 2015-08-20; 1; -3/+3]
|\   Conflicts: synapse/handlers/register.py
* | Merge branch 'develop' into refresh [Daniel Wagner-Hall; 2015-08-20; 1; -1/+1]
|\|   Conflicts: synapse/rest/client/v1/login.py
| * Another use of check_password that got missed in the yield fix [David Baker; 2015-08-20; 1; -1/+1]
* | /tokenrefresh POST endpoint [Daniel Wagner-Hall; 2015-08-20; 1; -5/+30]
| |   This allows refresh tokens to be exchanged for (access_token, refresh_token). It also starts issuing them on login, though no clients currently interpret them.
* | Move token generation to auth handler [Daniel Wagner-Hall; 2015-08-20; 1; -5/+24]
|/   I prefer the auth handler to worry about all auth, and register to call into it as needed, than to smatter auth logic between the two.
* Remove an access token log line [Erik Johnston; 2015-08-19; 1; -1/+1]
* Fix regression where we incorrectly responded with a 200 to /login [Erik Johnston; 2015-08-19; 1; -1/+2]
* Merge password checking implementations [Daniel Wagner-Hall; 2015-08-12; 1; -20/+15]
* Simplify LoginHandler and AuthHandler [Daniel Wagner-Hall; 2015-08-12; 1; -18/+72]
|   * Merge LoginHandler -> AuthHandler
|   * Add a bunch of documentation
|   * Improve some naming
|   * Remove unused branches
|   I will start merging the actual logic of the two handlers shortly
* Add back in support for remembering parameters submitted to a user-interactive auth call. [David Baker; 2015-07-15; 1; -2/+4]
* Merge branch 'develop' into markjh/SYT-8-recaptcha [Mark Haines; 2015-05-29; 1; -0/+1]
|\   Conflicts: synapse/handlers/auth.py
| * SYN-395: Fix CAPTCHA, don't double decode json [Erik Johnston; 2015-05-28; 1; -2/+3]
* | Add config for setting the recaptcha verify api endpoint, so we can test it in sytest [Mark Haines; 2015-05-29; 1; -3/+3]
|/
* This api now no longer returns an array [David Baker; 2015-05-01; 1; -1/+1]
* Add commentage. [David Baker; 2015-04-27; 1; -0/+4]
* Use underscores instead of camelcase for id server stuff [David Baker; 2015-04-24; 1; -6/+6]
* pep8 [David Baker; 2015-04-24; 1; -2/+2]
* Remove ultimately unused feature of saving params from the first call in the session: it's probably too open to abuse. [David Baker; 2015-04-23; 1; -2/+10]
* Password reset, finally. [David Baker; 2015-04-17; 1; -1/+7]
* Return user ID in use error straight away [David Baker; 2015-04-16; 1; -0/+2]
* Dummy login so we can do the first POST request to get login flows without it just succeeding [David Baker; 2015-04-15; 1; -0/+6]
* Registration with email in v2 [David Baker; 2015-04-15; 1; -21/+43]
* Completely replace fallback auth for C/S V2: [David Baker; 2015-04-01; 1; -21/+77]
|   * Now only the auth part goes to fallback, not the whole operation
|   * Auth fallback is a normal API endpoint, not a static page
|   * Params like the recaptcha pubkey can just live in the config
|   Involves a little engineering on JsonResource so its servlets aren't always forced to return JSON. I should document this more, in fact I'll do that now.
* pep8 [David Baker; 2015-03-31; 1; -1/+1]
* New registration for C/S API v2. Only ReCAPTCHA working currently. [David Baker; 2015-03-30; 1; -13/+77]
* Implement password changing (finally) along with a start on making client/server auth more general. [David Baker; 2015-03-23; 1; -0/+109]