dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-05-13 15:05:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,518 Commits 88 Branches 87 Tags
1d168948c6238a776fa94de8562cc56f03ad4d00
Commit Graph

4518 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech 1d168948c6 build(deps): bump the tanstack-query group in /frontend with 2 updates (#4397) 2025-04-14 16:05:39 +02:00
Quentin Gliech c3a5c0736c build(deps-dev): bump the types group in /frontend with 2 updates (#4398) 2025-04-14 16:05:27 +02:00
Quentin Gliech 09eb624e95 build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (#4400) 2025-04-14 16:05:19 +02:00
Quentin Gliech 150be9b36a Create missing indexes for all the foreign keys in the database. (#4385) 2025-04-14 16:03:28 +02:00
Quentin Gliech 48843dba5a Clear the session cookie on logout from the GraphQL API (#4328) 2025-04-14 15:52:18 +02:00
Quentin Gliech 744bb2c372 Lookup usernames case insensitively (#4378) 2025-04-14 15:51:59 +02:00
Quentin Gliech bd737342b9 Always ask for consent, never for reauth (#4386) 2025-04-14 15:51:48 +02:00
dependabot[bot] 063f4a8923 build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:25:29 +00:00
dependabot[bot] 6272d7023e build(deps-dev): bump the types group in /frontend with 2 updates 
Bumps the types group in /frontend with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react).


Updates `@types/node` from 22.14.0 to 22.14.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.1.0 to 19.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.14.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
- dependency-name: "@types/react"
  dependency-version: 19.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:17:25 +00:00
dependabot[bot] ed253cba04 build(deps): bump the tanstack-query group in /frontend with 2 updates 
Bumps the tanstack-query group in /frontend with 2 updates: [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) and [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools).


Updates `@tanstack/react-query` from 5.72.2 to 5.74.3
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.74.3/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.72.2 to 5.74.3
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.74.3/packages/react-query-devtools)

---
updated-dependencies:
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.74.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.74.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:17:05 +00:00
Quentin Gliech a3202a690a Document how to migrate passwords from Synapse with a pepper set (#4353) 2025-04-11 16:40:14 +02:00
Quentin Gliech da9fc3ce65 Minor rewording 2025-04-11 16:33:14 +02:00
Quentin Gliech 852a817b3c build(deps-dev): bump @types/react-dom from 19.1.1 to 19.1.2 in /frontend in the types group (#4380) 2025-04-11 16:30:28 +02:00
Quentin Gliech c55938348a build(deps-dev): bump knip from 5.48.0 to 5.50.2 in /frontend (#4390) 2025-04-11 16:30:09 +02:00
Quentin Gliech 7f94600473 build(deps-dev): bump vite from 6.2.5 to 6.2.6 in /frontend in the vite group (#4379) 2025-04-11 16:27:36 +02:00
Quentin Gliech 9e9482e385 build(deps): bump opentelemetry-prometheus from 0.29.0 to 0.29.1 in the opentelemetry group (#4388) 2025-04-11 16:26:58 +02:00
Quentin Gliech 4156cba2a0 build(deps): bump vergen-gitcl from 1.0.7 to 1.0.8 (#4389) 2025-04-11 16:26:30 +02:00
dependabot[bot] c3c716dbee build(deps-dev): bump vite in /frontend in the vite group 
Bumps the vite group in /frontend with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 6.2.5 to 6.2.6
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v6.2.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.2.6/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 14:00:59 +00:00
Quentin Gliech 6578ae1aba build(deps): bump the tanstack-query group in /frontend with 2 updates (#4359) 2025-04-11 15:59:29 +02:00
dependabot[bot] 057fbdcee6 build(deps-dev): bump knip from 5.48.0 to 5.50.2 in /frontend 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.48.0 to 5.50.2.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Changelog](https://github.com/webpro-nl/knip/blob/main/packages/knip/.release-it.json)
- [Commits](https://github.com/webpro-nl/knip/commits/5.50.2/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 5.50.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:52:34 +00:00
dependabot[bot] 414d46167e build(deps): bump the tanstack-query group in /frontend with 2 updates 
Bumps the tanstack-query group in /frontend with 2 updates: [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) and [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools).


Updates `@tanstack/react-query` from 5.71.10 to 5.72.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.72.0/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.71.10 to 5.72.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.72.0/packages/react-query-devtools)

---
updated-dependencies:
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.72.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.72.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:52:05 +00:00
dependabot[bot] 62be39aab5 build(deps-dev): bump @types/react-dom in /frontend in the types group 
Bumps the types group in /frontend with 1 update: [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom).


Updates `@types/react-dom` from 19.1.1 to 19.1.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

---
updated-dependencies:
- dependency-name: "@types/react-dom"
  dependency-version: 19.1.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:51:54 +00:00
Quentin Gliech f8c8b9186e Upgrade the Prometheus crate to 0.14.0 2025-04-11 15:40:00 +02:00
Quentin Gliech 58551c9a62 Handle the case where there are multiple users with the same username, but with a different casing. 2025-04-11 15:38:28 +02:00
dependabot[bot] 521aff9134 build(deps): bump vergen-gitcl from 1.0.7 to 1.0.8 
Bumps [vergen-gitcl](https://github.com/rustyhorde/vergen) from 1.0.7 to 1.0.8.
- [Release notes](https://github.com/rustyhorde/vergen/releases)
- [Commits](https://github.com/rustyhorde/vergen/compare/vergen_git2_1.0.7...vergen_gix_1.0.8)

---
updated-dependencies:
- dependency-name: vergen-gitcl
  dependency-version: 1.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:26:03 +00:00
dependabot[bot] e311167d1e build(deps): bump opentelemetry-prometheus in the opentelemetry group 
Bumps the opentelemetry group with 1 update: [opentelemetry-prometheus](https://github.com/open-telemetry/opentelemetry-rust).


Updates `opentelemetry-prometheus` from 0.29.0 to 0.29.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-prometheus-0.29.0...opentelemetry-prometheus-0.29.1)

---
updated-dependencies:
- dependency-name: opentelemetry-prometheus
  dependency-version: 0.29.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:24:43 +00:00
Quentin Gliech 26dcba6feb Remove the complete handler, make it go through the consent page 2025-04-11 15:04:34 +02:00
Quentin Gliech e22016f85c Remove the reauth view 2025-04-11 13:35:59 +02:00
Samuel Lorch c9bca2be70 Document password scheme secret field for migrations 
Signed-off-by: Samuel Lorch sam@soontm.de
 2025-04-11 11:45:28 +02:00
Quentin Gliech 4a14e36942 Allow logging in using an email address (#4337) 2025-04-10 20:01:56 +02:00
Quentin Gliech cf732ac8f0 Always ask for consent, never for reauth 
Now that we have deduplicated clients, we're in this weird situation
where authorization grants just… go through.

This is because 4 years ago, I designed it to support prompt=consent and
prompt=none, but that never ended up being used/mentioned in the MSCs.

We also had support for max_age, but that required reauthing, which
doesn't work well with upstream providers.

So this removes support for prompt=consent|none and max_age, and makes
sure we always go through the consent page.

Lots of code deleted, yay!
 2025-04-10 19:57:45 +02:00
mcalinghee 87f7ba38d7 Update translations/en.json 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-04-10 19:41:17 +02:00
Quentin Gliech 7012fd3855 Also lowercase the username when checking if it exists. 2025-04-10 18:45:13 +02:00
Quentin Gliech b5ed17dbff Lookup usernames case insensitively 2025-04-10 18:36:43 +02:00
Quentin Gliech c861856dff Create missing indexes for all the foreign keys in the database. 2025-04-10 18:32:40 +02:00
mcalinghee 77e954e475 correct format and translation 2025-04-10 17:57:58 +02:00
mcalinghee f2a47f9a88 add login by email + feature flag 2025-04-10 17:57:58 +02:00
Quentin Gliech 62741a0e36 build(deps): bump rustls from 0.23.25 to 0.23.26 (#4383) 2025-04-10 17:34:27 +02:00
dependabot[bot] b7e7aa7a92 build(deps): bump rustls from 0.23.25 to 0.23.26 
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.25 to 0.23.26.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.25...v/0.23.26)

---
updated-dependencies:
- dependency-name: rustls
  dependency-version: 0.23.26
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-10 15:28:16 +00:00
Quentin Gliech 22c493714a build(deps): bump crossbeam-channel from 0.5.14 to 0.5.15 in the cargo group (#4384) 2025-04-10 17:25:26 +02:00
dependabot[bot] ff9a81f082 build(deps): bump crossbeam-channel in the cargo group 
Bumps the cargo group with 1 update: [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam).


Updates `crossbeam-channel` from 0.5.14 to 0.5.15
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-channel-0.5.14...crossbeam-channel-0.5.15)

---
updated-dependencies:
- dependency-name: crossbeam-channel
  dependency-version: 0.5.15
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-10 14:38:38 +00:00
matrixbot d2d65cb48d Translations updates for main (#4377) 2025-04-10 13:55:17 +02:00
github-actions[bot] d8a4db4092 Translations updates 2025-04-10 11:49:30 +00:00
Quentin Gliech 000ca42b89 build(deps-dev): bump knip from 5.46.5 to 5.48.0 in /frontend (#4374) 2025-04-10 12:34:39 +02:00
Quentin Gliech 5c6b64261c build(deps): bump the tanstack-router group in /frontend with 3 updates (#4361) 2025-04-10 12:34:30 +02:00
Quentin Gliech f9b5b23cbc build(deps-dev): bump typescript from 5.8.2 to 5.8.3 in /frontend (#4360) 2025-04-10 12:34:09 +02:00
Quentin Gliech e4d7e0bbbe build(deps): bump vergen-gitcl from 1.0.5 to 1.0.7 (#4376) 2025-04-10 12:34:00 +02:00
dependabot[bot] 06e72cabe8 build(deps): bump vergen-gitcl from 1.0.5 to 1.0.7 
Bumps [vergen-gitcl](https://github.com/rustyhorde/vergen) from 1.0.5 to 1.0.7.
- [Release notes](https://github.com/rustyhorde/vergen/releases)
- [Commits](https://github.com/rustyhorde/vergen/commits/vergen_git2_1.0.7)

---
updated-dependencies:
- dependency-name: vergen-gitcl
  dependency-version: 1.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-10 10:19:21 +00:00
Quentin Gliech ab62b4885e Fallback link in password recovery emails (#4375) 2025-04-10 11:59:36 +02:00
Quentin Gliech 0643133bc4 Fallback link in password recovery emails 2025-04-10 11:35:32 +02:00