reivilibre
5d4a4a6fb8
Add rate-limiting for account recovery and registration (#3093)
* Add rate-limiting for account recovery and registration
* Rename login ratelimiter `per_address` to `per_ip` for consistency
Co-authored-by: Quentin Gliech <quenting@element.io>
2024-08-07 17:57:36 +00:00
Quentin Gliech
3f947025e2
Host a Swagger UI both in the static documentation and by the server
2024-08-01 15:17:14 +02:00
Quentin Gliech
e25c170403
Rate-limit password-based login attempts
2024-07-26 13:56:45 +02:00
Quentin Gliech
e937ea8fa8
Rework assets loading to fix splitting CSS chunks
2024-07-25 12:59:29 +02:00
Quentin Gliech
756f2c01f8
Separate error page when the recovery link was already used
2024-06-28 15:59:21 +02:00
Quentin Gliech
96df94104e
Show a proper 'link expired' page
2024-06-28 15:59:21 +02:00
Quentin Gliech
f9f2f4a3be
Gate account recovery behind a configuration flag
2024-06-28 15:59:21 +02:00
Quentin Gliech
09fca9fd75
Implement the password change form
2024-06-28 15:59:21 +02:00
Quentin Gliech
2e4d868385
Recovery progress page
2024-06-28 15:59:21 +02:00
Quentin Gliech
c156a3891e
Actually send emails for recovery
2024-06-28 15:59:21 +02:00
Quentin Gliech
319c43abc5
Start recovery view
2024-06-28 15:59:21 +02:00
reivilibre
7c67630c95
Remove the old password change page (#2874)
2024-06-27 13:41:24 +01:00
reivilibre
49e8fe57f4
Improve errors when MAS contacts the Synapse homeserver (#2794)
* Add some drive-by docstrings
* Change text rendering of catch_http_codes::HttpError
Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.
Using `Display` formatting for that leads to a more natural error.
* Add constraints to `catch_http_code{,s}` methods
Not strictly required, but does two things:
- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
rather than later on when you find the result doesn't implement Service
* Add a `catch_http_errors` shorthand
Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is
* Unexpected error page: remove leading whitespace from preformatted 'details' section
The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily
* Capture and log Matrix errors received from Synapse
* Drive-by clippy fix: use clamp instead of min().max()
* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
2024-06-07 11:14:04 +00:00
Quentin Gliech
5ef6fa4109
Place the CAPTCHA error at the end of the form
2024-05-15 09:38:10 +02:00
Quentin Gliech
359da66b88
Display a user-friendly error on CAPTCHA failures
2024-05-15 09:38:10 +02:00
Quentin Gliech
e4d6bbee14
Disable hCaptcha compatibility with reCAPTCHA
2024-05-15 09:38:10 +02:00
Quentin Gliech
cef069564a
Add a <noscript> fallback message
2024-05-15 09:38:10 +02:00
Quentin Gliech
0e270d5449
hCaptcha support
2024-05-15 09:38:10 +02:00
Quentin Gliech
f9ae7ae313
Cloudflare Turnstile support
2024-05-15 09:38:10 +02:00
Quentin Gliech
a3beeb2398
Render reCAPTCHA challenge on the registration form
2024-05-15 09:38:10 +02:00
Quentin Gliech
1b4898aa3a
Make the consent screens (almost completely) translatable
One exception is the wording for the privacy policy/TOS, because it's
annoying to do with the conditionals.
2024-05-10 14:49:54 +02:00
Quentin Gliech
353815bc6f
Skip the device code form when using the full verification URI
This changes the form to use a GET method, as it is only really doing
a redirect.
2024-05-07 12:19:10 +02:00
Quentin Gliech
10d7ca95ae
Update copyright headers
2024-04-30 13:33:47 +02:00
Quentin Gliech
08a3b90942
Load the branding from the API instead of hardcoding in the config
2024-04-30 13:33:47 +02:00
Quentin Gliech
58fd6ab4c1
Allow disabling registrations (#2553)
2024-04-03 09:27:14 +02:00
Michael Telatynski
57c5e8601f
Update session details styles to closer match latest Figma (#2439)
Co-authored-by: Quentin Gliech <quenting@element.io>
2024-03-08 14:41:41 +00:00
Quentin Gliech
4e682793b1
Share the device card between the frontend and the backend
2024-02-27 17:56:20 +01:00
Quentin Gliech
f3cbd3b315
Parse User Agents on the backend side (#2388)
* Parse user agents on the server side
* Parse and expose user agents on the backend
* Use the parsed user agent in the device consent page
* Fix the device icon tests
* Fix clippy warnings
* Box stuff to avoid large enum variants
* Ignore a clippy warning
* Fix the requester boxing
2024-02-23 16:47:48 +01:00
Quentin Gliech
52f8c83e42
Upgrade compound and fix bad focus rings on inputs
2024-02-08 17:54:10 +01:00
Quentin Gliech
0beb842195
Make the user agree to T&C during registration
2024-02-07 17:21:22 +01:00
Quentin Gliech
17e968f7cc
Record the user agent and IP in the device code grant
2024-02-02 18:01:51 +01:00
Quentin Gliech
d39a1d29df
Show the device better in the device consent page
2024-02-02 18:01:51 +01:00
Quentin Gliech
1c62543220
Make the device code grants go through the policy engine
2024-02-02 18:01:51 +01:00
Quentin Gliech
67ab42155c
Implement the device consent logic
2024-02-02 18:01:51 +01:00
Quentin Gliech
4301fd9378
Setup the device link form page
2024-02-02 18:01:51 +01:00
Quentin Gliech
6f986e117a
Fix the login template in case no human_name was set on the provider
2023-11-21 16:09:38 +01:00
Quentin Gliech
5126d36b2e
Add upstream OAuth 2.0 providers name and branding
2023-11-20 17:23:02 +01:00
Quentin Gliech
9c94e11e68
Check for existing users ahead of time on upstream OAuth2 registration
2023-11-13 14:11:30 +01:00
Quentin Gliech
18259a6412
Fix the login template not rendering on policy error
2023-11-03 18:24:21 +01:00
Quentin Gliech
6d65bcae13
Make the upstream provider URL better display & fix test
2023-10-30 15:55:15 +01:00
Quentin Gliech
a404398c2c
Polish all forms and add nice page headings to most screens
2023-10-30 15:55:15 +01:00
Quentin Gliech
8984cc703b
Add instance privacy policy, TOS and imprint, and loads of design cleanups
2023-10-30 15:55:15 +01:00
Quentin Gliech
e69438dd9e
frontend: integrate storybook with i18next & cleanup (#1970)
2023-10-19 15:37:29 +00:00
Quentin Gliech
9b5c8fb44b
Allow running the authentication service on a different base path
2023-10-06 14:07:55 +02:00
Quentin Gliech
3ff217690d
templates: fix the error.html template when missing the locale
2023-10-05 19:29:23 +02:00
Quentin Gliech
b2cd8d83f7
templates: translate a lot more stuff
2023-10-05 19:29:23 +02:00
Quentin Gliech
6ff549f5df
templates: fix the _ function not working in macros
2023-10-05 19:29:23 +02:00
Quentin Gliech
ebdb8eb30e
templates: more translations
2023-10-05 19:29:23 +02:00
Quentin Gliech
2d52ba7fb3
i18n: include context when looking for translation keys
2023-10-05 19:29:23 +02:00
Quentin Gliech
15ad89aa82
templates: add translations function
2023-10-05 19:29:23 +02:00