77e954e475
correct format and translation
2025-04-10 17:57:58 +02:00
f2a47f9a88
add login by email + feature flag
2025-04-10 17:57:58 +02:00
0643133bc4
Fallback link in password recovery emails
2025-04-10 11:35:32 +02:00
9f925e6f09
Added upstream sample config for Discord, brand logo in templates
2025-03-30 15:53:56 +06:00
62a4aba08b
Better error pages when a user is deactivated or locked
2025-03-11 17:35:13 +01:00
70b561291e
Show proper error messages when registering with a banned/not-allowed username
2025-03-03 10:45:30 +01:00
bde473faf7
Update the compound design tokens, replace the error icon with error-solid
2025-02-21 17:04:11 +01:00
0027980cf4
Add translatable errors for the email policy constraints
2025-02-17 15:53:57 +01:00
44f7b46b63
Fix the rendering of the embedded API doc
2025-02-12 18:19:25 +01:00
8d50088d1e
Apply code style suggestion
...
Co-authored-by: reivilibre <oliverw@element.io >
2025-01-23 18:35:11 +01:00
7e6ab8ffc3
Disclose that email is already in use after verification
2025-01-23 18:18:19 +01:00
f50a386b10
Registration step to set a display name
2025-01-15 15:28:48 +01:00
f8517a5982
Implement email verification in the registration flow
2025-01-15 15:28:48 +01:00
0bedaf3745
Make the password registration create a user_registration
2025-01-14 16:30:44 +01:00
a294b37e89
Fix the post auth action being lost during the registration flow
2025-01-14 16:30:44 +01:00
3da27afc91
Move the registration-related views into a sub-module
2025-01-14 16:30:44 +01:00
5f5fc44fbd
Job to send the new email authentication codes
2025-01-14 15:47:17 +01:00
1f83b39313
Remove the dedicated page to add an email address
2025-01-14 15:46:39 +01:00
f6e8a014b8
Username on the first registration page is optional
2025-01-07 11:49:01 +01:00
342eaefa81
Split the base registration page with local password registration
2025-01-07 11:49:01 +01:00
3088d35012
Update the IDP brand icons from Figma
2025-01-07 11:49:01 +01:00
b51a6c02ab
Tweak the login page to match the design
2025-01-07 11:49:01 +01:00
d16049524b
Propagate more specific error messages from the policy on registration
...
This makes some policy errors translatable
2025-01-06 10:15:08 +01:00
2e3b8bdd86
Allow setting an explicit upstream account name ( #3600 )
2024-11-29 12:30:18 +01:00
7296364cd3
Avoid using SameSite=None by re-submitting incoming form data
2024-11-22 08:48:00 +01:00
4b7aff6049
Enable better minijinja compatibility with the Python implementation
2024-10-28 14:59:36 +01:00
15c02fa643
Manual license edit of remaining files
2024-09-10 14:28:55 +02:00
5d4a4a6fb8
Add rate-limiting for account recovery and registration ( #3093 )
...
* Add rate-limiting for account recovery and registration
* Rename login ratelimiter `per_address` to `per_ip` for consistency
Co-authored-by: Quentin Gliech <quenting@element.io >
2024-08-07 17:57:36 +00:00
3f947025e2
Host a Swagger UI both in the static documentation and by the server
2024-08-01 15:17:14 +02:00
e25c170403
Rate-limit password-based login attempts
2024-07-26 13:56:45 +02:00
e937ea8fa8
Rework assets loading to fix splitting CSS chunks
2024-07-25 12:59:29 +02:00
756f2c01f8
Separate error page when the recovery link was already used
2024-06-28 15:59:21 +02:00
96df94104e
Show a proper 'link expired' page
2024-06-28 15:59:21 +02:00
f9f2f4a3be
Gate account recovery behing a configuration flag
2024-06-28 15:59:21 +02:00
09fca9fd75
Implement the password change form
2024-06-28 15:59:21 +02:00
2e4d868385
Recovery progress page
2024-06-28 15:59:21 +02:00
c156a3891e
Actually send emails for recovery
2024-06-28 15:59:21 +02:00
319c43abc5
Start recovery view
2024-06-28 15:59:21 +02:00
7c67630c95
Remove the old password change page ( #2874 )
2024-06-27 13:41:24 +01:00
49e8fe57f4
Improve errors when MAS contacts the Synapse homeserver ( #2794 )
...
* Add some drive-by docstrings
* Change text rendering of catch_http_codes::HttpError
Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.
Using `Display` formatting for that leads to a more natural error.
* Add constraints to `catch_http_code{,s}` methods
Not strictly required, but does two things:
- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
rather than later on when you find the result doesn't implement Service
* Add a `catch_http_errors` shorthand
Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is
* Unexpected error page: remove leading whitespace from preformatted 'details' section
The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily
* Capture and log Matrix errors received from Synapse
* Drive-by clippy fix: use clamp instead of min().max()
* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
2024-06-07 11:14:04 +00:00
5ef6fa4109
Place the CAPTCHA error at the end of the form
2024-05-15 09:38:10 +02:00
359da66b88
Display a user-friendly error on CAPTCHA failures
2024-05-15 09:38:10 +02:00
e4d6bbee14
Disable hCaptcha compatibility with reCAPTCHA
2024-05-15 09:38:10 +02:00
cef069564a
Add a <noscript> fallback message
2024-05-15 09:38:10 +02:00
0e270d5449
hCaptcha support
2024-05-15 09:38:10 +02:00
f9ae7ae313
Cloudflare Turnstile support
2024-05-15 09:38:10 +02:00
a3beeb2398
Render reCAPTCHA challenge on the registration form
2024-05-15 09:38:10 +02:00
1b4898aa3a
Make the consent screens (almost completely) translatable
...
One exception is the wording for the privacy policy/TOS, because it's
annoying to do with the conditionals.
2024-05-10 14:49:54 +02:00
353815bc6f
Skip the device code form when using the full verification URI
...
This changes the form to use a GET method, as it is only really doing
a redirect.
2024-05-07 12:19:10 +02:00
10d7ca95ae
Update copyright headers
2024-04-30 13:33:47 +02:00
mcalinghee