authentication-service

mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-31 09:24:31 +03:00

Author	SHA1	Message	Date
reivilibre	5d4a4a6fb8	Add rate-limiting for account recovery and registration (#3093 ) * Add rate-limiting for account recovery and registration * Rename login ratelimiter `per_address` to `per_ip` for consistency Co-authored-by: Quentin Gliech <quenting@element.io>	2024-08-07 17:57:36 +00:00
Quentin Gliech	3f947025e2	Host a Swagger UI both in the static documentation and by the server	2024-08-01 15:17:14 +02:00
Quentin Gliech	e25c170403	Rate-limit password-based login attempts	2024-07-26 13:56:45 +02:00
Quentin Gliech	e937ea8fa8	Rework assets loading to fix splitting CSS chunks	2024-07-25 12:59:29 +02:00
Quentin Gliech	756f2c01f8	Separate error page when the recovery link was already used	2024-06-28 15:59:21 +02:00
Quentin Gliech	96df94104e	Show a proper 'link expired' page	2024-06-28 15:59:21 +02:00
Quentin Gliech	f9f2f4a3be	Gate account recovery behing a configuration flag	2024-06-28 15:59:21 +02:00
Quentin Gliech	09fca9fd75	Implement the password change form	2024-06-28 15:59:21 +02:00
Quentin Gliech	2e4d868385	Recovery progress page	2024-06-28 15:59:21 +02:00
Quentin Gliech	c156a3891e	Actually send emails for recovery	2024-06-28 15:59:21 +02:00
Quentin Gliech	319c43abc5	Start recovery view	2024-06-28 15:59:21 +02:00
reivilibre	7c67630c95	Remove the old password change page (#2874 )	2024-06-27 13:41:24 +01:00
Quentin Gliech	d061d7f6b3	Move tokio to a workspace dependency	2024-05-15 14:54:34 +02:00
Quentin Gliech	359da66b88	Display a user-friendly error on CAPTCHA failures	2024-05-15 09:38:10 +02:00
Quentin Gliech	0e270d5449	hCaptcha support	2024-05-15 09:38:10 +02:00
Quentin Gliech	f9ae7ae313	Cloudflare Turnstile support	2024-05-15 09:38:10 +02:00
Quentin Gliech	a3beeb2398	Render reCAPTCHA challenge on the registration form	2024-05-15 09:38:10 +02:00
Quentin Gliech	353815bc6f	Skip the device code form when using the full verification URI This changes the form to use a GET method, as it is only really doing a redirect.	2024-05-07 12:19:10 +02:00
Quentin Gliech	3567f7c445	Upgrade minijinja to 2.0.1	2024-05-02 14:04:14 +02:00
dependabot[bot]	43f4768ae6	build(deps): bump tokio from 1.36.0 to 1.37.0 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.36.0 to 1.37.0. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.36.0...tokio-1.37.0) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-04-30 18:11:14 +02:00
dependabot[bot]	c4d4f74a67	build(deps): bump arc-swap from 1.7.0 to 1.7.1 Bumps [arc-swap](https://github.com/vorner/arc-swap) from 1.7.0 to 1.7.1. - [Changelog](https://github.com/vorner/arc-swap/blob/master/CHANGELOG.md) - [Commits](https://github.com/vorner/arc-swap/compare/v1.7.0...v1.7.1) --- updated-dependencies: - dependency-name: arc-swap dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-04-30 16:54:10 +02:00
Quentin Gliech	10d7ca95ae	Update copyright headers	2024-04-30 13:33:47 +02:00
Quentin Gliech	aa2e2229bc	Finish moving the site config	2024-04-30 13:33:47 +02:00
Quentin Gliech	58fd6ab4c1	Allow disabling registrations (#2553 )	2024-04-03 09:27:14 +02:00
Quentin Gliech	d8f5fdaf5c	Moved some dependencies in the workspace and upgrade some dependencies	2024-03-19 14:54:35 +01:00
Quentin Gliech	61a69f5af4	Upgrade chrono and replace deprecated methods usage	2024-03-18 17:26:40 +01:00
Quentin Gliech	f3cbd3b315	Parse User Agents on the backend side (#2388 ) * Parse user agents on the server side * Parse and expose user agents on the backend * Use the parsed user agent in the device consent page * Fix the device icon tests * Fix clippy warnings * Box stuff to avoid large enum variants * Ignore a clippy warning * Fix the requester boxing	2024-02-23 16:47:48 +01:00
Quentin Gliech	1c000a1fed	Make sure the locale fallback works as expected - Also makes sure that the fallback runs in the backend and is then picked up by the frontend - and explicitely fallback zh-CN to zh-Hans	2024-02-19 11:43:36 +01:00
Quentin Gliech	0beb842195	Make the user agree to T&C during registration	2024-02-07 17:21:22 +01:00
Quentin Gliech	17e968f7cc	Record the user agent and IP in the device code grant	2024-02-02 18:01:51 +01:00
Quentin Gliech	36ebbc4d70	i18n: utilities to format short dates and times	2024-02-02 18:01:51 +01:00
Quentin Gliech	1c62543220	Make the device code grants go through the policy engine	2024-02-02 18:01:51 +01:00
Quentin Gliech	67ab42155c	Implement the device consent logic	2024-02-02 18:01:51 +01:00
Quentin Gliech	4301fd9378	Setup the device link form page	2024-02-02 18:01:51 +01:00
Quentin Gliech	b927d330c9	Bump most Rust dependencies	2024-02-02 15:37:05 +01:00
Quentin Gliech	49963b26f8	Prepare workspace to publish OIDC crates	2023-12-07 16:02:55 +01:00
Quentin Gliech	a0f5f3c642	Enable clippy lints on a workspace level This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.	2023-12-05 17:20:42 +01:00
dependabot[bot]	9802981c0e	build(deps): bump tokio from 1.33.0 to 1.34.0 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.33.0 to 1.34.0. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.33.0...tokio-1.34.0) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-11-14 13:51:15 +01:00
Quentin Gliech	89420a2cfc	Refactor the upstream link provider template logic Also adds tests for new account registration through an upstream oauth2 provider	2023-11-13 14:11:30 +01:00
Quentin Gliech	9c94e11e68	Check for existing users ahead of time on upstream OAuth2 registration	2023-11-13 14:11:30 +01:00
Quentin Gliech	18259a6412	Fix the login template not rendering on policy error	2023-11-03 18:24:21 +01:00
Quentin Gliech	6d65bcae13	Make the upstream provider URL better display & fix test	2023-10-30 15:55:15 +01:00
Quentin Gliech	a404398c2c	Polish all forms and add nice page headings to most screens	2023-10-30 15:55:15 +01:00
Quentin Gliech	8984cc703b	Add instance privacy policy, TOS and imprint, and loads of design cleanups	2023-10-30 15:55:15 +01:00
Michael Telatynski	43648052e2	Wire up i18n for the React frontend (#1962 ) Co-authored-by: Quentin Gliech <quenting@element.io>	2023-10-19 12:41:38 +00:00
dependabot[bot]	69798aef47	build(deps): bump tokio from 1.32.0 to 1.33.0 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.32.0 to 1.33.0. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.32.0...tokio-1.33.0) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-09 16:11:09 +02:00
Quentin Gliech	9b5c8fb44b	Allow running the authentication service on a different base path	2023-10-06 14:07:55 +02:00
Quentin Gliech	b2cd8d83f7	templates: translate a lot more stuff	2023-10-05 19:29:23 +02:00
Quentin Gliech	6ff549f5df	templates: fix the _ function not working in macros	2023-10-05 19:29:23 +02:00
Quentin Gliech	1feafc1d13	handlers/templates: infer the language from the Accept-Language browser header	2023-10-05 19:29:23 +02:00

1 2 3 4 5 ...

255 Commits