Quentin Gliech
29d6383c5d
admin: rename the can_request_admin field to admin
2024-08-07 20:13:43 +02:00
Quentin Gliech
6189abe7b4
admin: set can_request_admin API
2024-08-07 20:13:43 +02:00
reivilibre
5d4a4a6fb8
Add rate-limiting for account recovery and registration (#3093)
...
* Add rate-limiting for account recovery and registration
* Rename login ratelimiter `per_address` to `per_ip` for consistency
Co-authored-by: Quentin Gliech <quenting@element.io>
2024-08-07 17:57:36 +00:00
reivilibre
244f8f5e5e
Add configuration for rate-limiting of logins, replacing hardcoded limits (#3090)
2024-08-07 18:36:02 +01:00
Quentin Gliech
1bdad262cd
Disallow OAuth 2.0 use of the GraphQL API by default
2024-08-07 18:09:51 +02:00
Quentin Gliech
b4eb93558d
admin: add simple snapshot test for the list oauth2 sessions endpoint
2024-08-07 17:41:18 +02:00
Quentin Gliech
dd58fffdef
admin: add tests for the get OAuth session API
2024-08-07 17:41:18 +02:00
Quentin Gliech
cf9f201337
admin: get OAuth 2.0 session API
2024-08-07 17:41:18 +02:00
Quentin Gliech
4f52840bf3
admin: list OAuth 2.0 sessions API
2024-08-07 17:41:18 +02:00
Quentin Gliech
83e4aa476f
admin: setup base for oauth2 sessions endpoints
2024-08-07 17:41:18 +02:00
Quentin Gliech
19d485a68b
admin: model definition for the OAuth 2.0 sessions
2024-08-07 17:41:18 +02:00
Quentin Gliech
c61a52a3a0
admin: better error when password auth is disabled
2024-08-07 15:10:19 +02:00
Quentin Gliech
475a43df71
admin: check password complexity in password set API
2024-08-07 15:10:19 +02:00
Quentin Gliech
8b5d576018
admin: set password API
2024-08-07 15:10:19 +02:00
Quentin Gliech
9ea77a9562
admin: lock user API
2024-08-06 13:43:13 +02:00
Quentin Gliech
2307c05c69
admin: user unlock API
2024-08-06 13:31:28 +02:00
Quentin Gliech
117e124ddf
admin: user deactivation API
2024-08-06 11:48:19 +02:00
dependabot[bot]
1ad4091a5c
build(deps): bump indexmap from 2.2.6 to 2.3.0
...
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.2.6 to 2.3.0.
- [Changelog](https://github.com/indexmap-rs/indexmap/blob/master/RELEASES.md)
- [Commits](https://github.com/indexmap-rs/indexmap/compare/2.2.6...2.3.0)
---
updated-dependencies:
- dependency-name: indexmap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 00:19:27 +02:00
Quentin Gliech
65f1c45095
admin: add operation ID on user add operation
2024-08-01 16:23:08 +02:00
Quentin Gliech
5833f1a2af
handlers: tests for the add user admin API
2024-08-01 16:23:08 +02:00
Quentin Gliech
015f6e2455
handlers: test utility to help request the admin API
2024-08-01 16:23:08 +02:00
Quentin Gliech
94004ce18c
Rename the payload struct to appease clippy
2024-08-01 16:23:08 +02:00
Quentin Gliech
221f227baa
admin: add API to create users
2024-08-01 16:23:08 +02:00
Quentin Gliech
d03dd41345
admin: add operation IDs on user operations & other improvements
...
This also documents better the user list operation parameters
2024-08-01 15:17:14 +02:00
Quentin Gliech
78e988b7cc
Tweak the schema generation and use a common definition for ULIDs
2024-08-01 15:17:14 +02:00
Quentin Gliech
cdecac735e
Tweak the schema to use summary instead of description and add tags
2024-08-01 15:17:14 +02:00
Quentin Gliech
3f947025e2
Host a Swagger UI both in the static documentation and by the server
2024-08-01 15:17:14 +02:00
dependabot[bot]
5edeb59ef3
build(deps): bump zxcvbn from 3.0.1 to 3.1.0
...
Bumps [zxcvbn](https://github.com/shssoichiro/zxcvbn-rs) from 3.0.1 to 3.1.0.
- [Changelog](https://github.com/shssoichiro/zxcvbn-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/shssoichiro/zxcvbn-rs/compare/v3.0.1...v3.1.0)
---
updated-dependencies:
- dependency-name: zxcvbn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-30 11:51:20 +02:00
Olivier 'reivilibre
8737d6f89b
graphql: Expose CAPTCHA config and whether password registration is enabled
2024-07-26 13:02:58 +01:00
Quentin Gliech
4a275fa4b9
Call retain_recent periodically on rate limiters
2024-07-26 13:56:45 +02:00
Quentin Gliech
e25c170403
Rate-limit password-based login attempts
2024-07-26 13:56:45 +02:00
Quentin Gliech
f5b4caf520
admin: add APIs to list and get users
2024-07-26 11:36:55 +02:00
Quentin Gliech
c177233b33
Define common response types for the admin API
...
This adds a Single and a Paginated response type, which have links to the next, previous, first and last pages.
2024-07-26 11:36:55 +02:00
Quentin Gliech
27ca7ec108
Add an extractor to check for credentials in the admin API
2024-07-26 11:36:55 +02:00
Quentin Gliech
43ff6dc9d3
doc: auto-generate the API schema in the documentation
2024-07-26 11:36:55 +02:00
Quentin Gliech
f4f61f0d51
handlers: bootstrap the admin API router
2024-07-26 11:36:55 +02:00
Quentin Gliech
144de0deb2
storage: freeze the error type on BoxRepository
...
This avoids having to deal with traits bounds everywhere. It also moves
the `boxed()` method to the PgRepository, because it was unnecessary to
keep it on the `Repository` trait
2024-07-26 11:36:55 +02:00
Olivier 'reivilibre
48c4c34e88
Remove the server-side rendered account recovery 'finish' form
...
Replace with the React frontend form
2024-07-26 10:20:32 +01:00
Olivier 'reivilibre
c83e052e7f
graphql: use NoSuchRecoveryTicket when link is invalid
2024-07-26 10:20:32 +01:00
Quentin Gliech
d1b9a4980c
Update opentelemetry to 0.24.0
2024-07-25 11:01:43 +02:00
dependabot[bot]
7dcb476e92
build(deps): bump psl from 2.1.50 to 2.1.55
...
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.50 to 2.1.55.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.50...v2.1.55)
---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-25 09:34:05 +02:00
dependabot[bot]
54b1b142df
build(deps): bump serde_with from 3.8.3 to 3.9.0
...
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.8.3 to 3.9.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.3...v3.9.0)
---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-25 09:33:43 +02:00
reivilibre
8147016735
graphql: Add a SetPasswordByRecovery mutation to perform account recovery (#2986)
2024-07-24 16:19:14 +01:00
Quentin Gliech
6f2ab4f738
graphql: allow filtering of sessions by last activity
2024-07-19 13:40:27 +02:00
reivilibre
1afd2a2906
Remove OPA-based password policy enforcement (#2875)
...
Co-authored-by: Quentin Gliech <quenting@element.io>
2024-07-16 14:33:04 +01:00
Quentin Gliech
fa32387ca5
Show whether the user is deactivated on the homeserver in the GraphQL API
...
Fix #2375
2024-07-16 13:20:28 +02:00
Quentin Gliech
bac2db9884
GraphQL API to unlock a user
...
Fixes #2101
2024-07-16 13:20:28 +02:00
Quentin Gliech
3eab10672f
Add a lock during syncs of user devices
2024-07-16 09:32:07 +02:00
Quentin Gliech
695228ade4
Provision users on the fake homeserver in tests
...
Because we now provision devices synchronously, we need to update the
tests so that the users exist on the fake homeserver.
2024-07-16 09:32:07 +02:00
Quentin Gliech
037cf996a8
Provision the devices synchronously
...
This means Synapse won't have to provision them on the fly anymore
2024-07-16 09:32:07 +02:00