summary refs log tree commit diff
path: root/tests/api/test_auth.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Port tests/ to Python 3 (#3808)Amber Brown2018-09-071-0/+1
|
* fix bug where preserved threepid user comes to sign up and server is mau blockedNeil Johnson2018-08-311-0/+17
|
* Change admin_uri to admin_contact in config and errorsErik Johnston2018-08-241-2/+2
|
* rename error codeNeil Johnson2018-08-181-2/+2
|
* special case server_notices_mxidNeil Johnson2018-08-181-0/+8
|
* add new error type ResourceLimitNeil Johnson2018-08-161-3/+3
|
* update error codes for resource limitingNeil Johnson2018-08-151-2/+2
|
* replace admin_email with admin_uri for greater flexibilityNeil Johnson2018-08-151-2/+2
|
* support admin_email config and pass through into blocking errors, return ↵Neil Johnson2018-08-131-1/+5
| | | | AuthError in all cases
* Revert "support admin_email config and pass through into blocking errors, ↵Neil Johnson2018-08-131-5/+1
| | | | | | return AuthError in all cases" This reverts commit 0d43f991a19840a224d3dac78d79f13d78212ee6.
* support admin_email config and pass through into blocking errors, return ↵Neil Johnson2018-08-131-1/+5
| | | | AuthError in all cases
* Run tests under PostgreSQL (#3423)Amber Brown2018-08-131-1/+1
|
* Run black.black2018-08-101-41/+35
|
* disable HS from configNeil Johnson2018-08-041-1/+10
|
* remove unused importNeil Johnson2018-08-031-1/+1
|
* bug fixesNeil Johnson2018-08-031-7/+3
|
* do mau checks based on monthly_active_users tableNeil Johnson2018-08-021-1/+30
|
* Python 3: Convert some unicode/bytes uses (#3569)Amber Brown2018-08-021-16/+19
|
* run isortAmber Brown2018-07-091-2/+5
|
* add testMatthew Hodgson2018-06-281-0/+33
|
* fix testsMatthew Hodgson2018-06-281-3/+15
|
* Prevent user tokens being used as guest tokens (#1675)Richard van der Hoff2016-12-061-15/+78
| | | | | Make sure that a user cannot pretend to be a guest by adding 'guest = True' caveats.
* Fix unit testsMark Haines2016-09-121-9/+9
|
* Record device_id in client_ipsRichard van der Hoff2016-07-201-1/+9
| | | | | Record the device_id when we add a client ip; it's somewhat redundant as we could get it via the access_token, but it will make querying rather easier.
* Bug fix: expire invalid access tokensNegar Fazeli2016-07-131-1/+30
|
* Create user with expiryNegi Fazeli2016-05-131-6/+6
| | | | | | - Add unittests for client, api and handler Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
* Fix flake8 warnings for testsMark Haines2016-02-191-2/+2
|
* Introduce a Requester objectDaniel Wagner-Hall2016-01-111-6/+6
| | | | | | | | | This tracks data about the entity which made the request. This is instead of passing around a tuple, which requires call-site modifications every time a new piece of optional context is passed around. I tried to introduce a User object. I gave up.
* Allow guests to upgrade their accountsDaniel Wagner-Hall2016-01-051-9/+9
|
* Allow guests to register and call /events?room_id=Daniel Wagner-Hall2015-11-041-3/+22
| | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices.
* s/user_id/user/g for consistencyDaniel Wagner-Hall2015-09-011-4/+4
|
* Turn TODO into thing which actually will failDaniel Wagner-Hall2015-08-261-6/+9
|
* Attempt to validate macaroonsDaniel Wagner-Hall2015-08-261-2/+140
| | | | | | | | | | | | | A couple of weird caveats: * If we can't validate your macaroon, we fall back to checking that your access token is in the DB, and ignoring the failure * Even if we can validate your macaroon, we still have to hit the DB to get the access token ID, which we pretend is a device ID all over the codebase. This mostly adds the interesting code, and points out the two pieces we need to delete (and necessary conditions) in order to fix the above caveats.
* Stop looking up "admin", which we never readDaniel Wagner-Hall2015-08-251-2/+0
|
* Remove completely unused concepts from codebaseDaniel Wagner-Hall2015-08-251-5/+3
| | | | | | | | | | Removes device_id and ClientInfo device_id is never actually written, and the matrix.org DB has no non-null entries for it. Right now, it's just cluttering up code. This doesn't remove the columns from the database, because that's fiddly.
* s/by_token/by_access_token/gDaniel Wagner-Hall2015-08-201-8/+8
| | | | We're about to have two kinds of token, access and refresh
* Remove unused imports.Kegan Dougal2015-02-091-2/+2
|
* Modify auth.get_user_by_req for authing appservices directly.Kegan Dougal2015-02-091-0/+139
Add logic to map the appservice token to the autogenned appservice user ID. Add unit tests for all forms of get_user_by_req (user/appservice, valid/bad/missing tokens)