3a05f24b45
Fix the email policy documentation indentation
2024-09-03 17:47:43 +02:00
b5ed252573
Apply suggestions on wording
2024-09-03 17:33:10 +02:00
7fe70aac80
Document policy settings for changing the policy wasm file
2024-09-03 17:33:10 +02:00
6d30bc530f
Document the email policy in the reference
2024-08-30 13:57:31 +02:00
62e01883b6
Small documentation fixes
...
- Removes mentions of the `mas-cli templates save` command
- Removes the old `experimental` flags
- Removes the old `policy.data.passwords` configs
- Document the `policy.data.client_registration` flags
- Remove references to the pre-built macOS binaries
- Explains how to get syn2mas
- State that you need to prepare the database before importing data
- Clean up the reverse proxy documentation
- Clarify that you don't need to provede templates/policy/assets
manually when running the docker image
2024-08-19 13:53:43 +02:00
29d6383c5d
admin: rename the can_request_admin field to admin
2024-08-07 20:13:43 +02:00
6189abe7b4
admin: set can_request_admin API
2024-08-07 20:13:43 +02:00
5d4a4a6fb8
Add rate-limiting for account recovery and registration ( #3093 )
...
* Add rate-limiting for account recovery and registration
* Rename login ratelimiter `per_address` to `per_ip` for consistency
Co-authored-by: Quentin Gliech <quenting@element.io >
2024-08-07 17:57:36 +00:00
244f8f5e5e
Add configuration for rate-limiting of logins, replacing hardcoded limits ( #3090 )
2024-08-07 18:36:02 +01:00
1bdad262cd
Disallow OAuth 2.0 use of the GraphQL API by default
2024-08-07 18:09:51 +02:00
eb4072f3c3
Document the admin API ( #3038 )
...
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org >
2024-08-07 17:41:46 +02:00
cf9f201337
admin: get OAuth 2.0 session API
2024-08-07 17:41:18 +02:00
4f52840bf3
admin: list OAuth 2.0 sessions API
2024-08-07 17:41:18 +02:00
83e4aa476f
admin: setup base for oauth2 sessions endpoints
2024-08-07 17:41:18 +02:00
c61a52a3a0
admin: better error when password auth is disabled
2024-08-07 15:10:19 +02:00
475a43df71
admin: check password complexity in password set API
2024-08-07 15:10:19 +02:00
8b5d576018
admin: set password API
2024-08-07 15:10:19 +02:00
9ea77a9562
admin: lock user API
2024-08-06 13:43:13 +02:00
2307c05c69
admin: user unlock API
2024-08-06 13:31:28 +02:00
117e124ddf
admin: user deactivation API
2024-08-06 11:48:19 +02:00
65f1c45095
admin: add operation ID on user add operation
2024-08-01 16:23:08 +02:00
94004ce18c
Rename the payload struct to appease clippy
2024-08-01 16:23:08 +02:00
221f227baa
admin: add API to create users
2024-08-01 16:23:08 +02:00
d03dd41345
admin: add operation IDs on user operations & other improvements
...
This also documents better the user list operation parameters
2024-08-01 15:17:14 +02:00
78e988b7cc
Tweak the schema generation and use a common definition for ULIDs
2024-08-01 15:17:14 +02:00
cdecac735e
Tweak the schema to use summary instead of description and add tags
2024-08-01 15:17:14 +02:00
3f947025e2
Host a Swagger UI both in the static documentation and by the server
2024-08-01 15:17:14 +02:00
b261ac0a17
Document the new account-management options
2024-08-01 14:50:21 +02:00
8b3451d66f
Move the account-related options out of experimental
2024-08-01 14:50:21 +02:00
f5b4caf520
admin: add APIs to list and get users
2024-07-26 11:36:55 +02:00
43ff6dc9d3
doc: auto-generate the API schema in the documentation
2024-07-26 11:36:55 +02:00
76755610cb
config: allow serving the admin API routes
2024-07-26 11:36:55 +02:00
d6a54124c7
update contributing docs with DCO
2024-07-25 10:01:53 +02:00
fbc360d1a9
Backend work to support minimum password complexity ( #2965 )
...
* config: Add minimum password complexity option
* PasswordManager: add function for checking if complexity is sufficient
* Enforce password complexity on registration, change and recovery
* cli: Use exit code 1 for weak passwords
This seems preferable to exit code 0, but ideally we should choose one
and document it.
* Expose minimum password complexity score over GraphQL
2024-07-11 10:17:39 +01:00
3ab733bf3a
Fix RFC1918 network in default proxy configuration ( #2908 )
2024-07-05 08:22:39 +00:00
c4c0c74473
Document the new SSL options
2024-07-05 09:54:18 +02:00
eff66726d5
New config options to set the database certificates
2024-07-05 09:54:18 +02:00
f9f2f4a3be
Gate account recovery behing a configuration flag
2024-06-28 15:59:21 +02:00
ba8749fe33
Document the CAPTCHA configuration
2024-05-15 09:38:10 +02:00
0e270d5449
hCaptcha support
2024-05-15 09:38:10 +02:00
f9ae7ae313
Cloudflare Turnstile support
2024-05-15 09:38:10 +02:00
a3beeb2398
Render reCAPTCHA challenge on the registration form
2024-05-15 09:38:10 +02:00
56d370f1d5
Add a few words on what MAS is at the beginning of the documentation
2024-05-14 10:44:41 +02:00
f3b481f4ae
Apply typos corrections from review
...
Co-authored-by: Will Lewis <1543626+wrjlewis@users.noreply.github.com >
2024-05-14 10:44:41 +02:00
0c2305ad6f
Clarify what authz as a user means for the urn:mas:graphql:* scope
2024-05-14 10:44:41 +02:00
e2cfa23401
Add missing documentation for some configuration parameters
2024-05-14 10:44:41 +02:00
603de2b620
Rework the docuemntation overview
2024-05-14 10:44:41 +02:00
76e9c32642
Document part of the GraphQL API and the scopes used by MAS
2024-05-14 10:44:41 +02:00
3a55a0d745
Explain what the different grants and sessions are
2024-05-14 10:44:41 +02:00
10eb93059c
Write about the policy engine
2024-05-14 10:44:41 +02:00
