dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-07 00:12:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,772 Commits 96 Branches 90 Tags
27ca7ec10808e05bdbfd83dfd5f2ea56960f571e
Commit Graph

1537 Commits

Author SHA1 Message Date
Quentin Gliech 27ca7ec108 Add an extractor to check for credentails in the admin API 2024-07-26 11:36:55 +02:00
Quentin Gliech 43ff6dc9d3 doc: auto-generate the API schema in the documentation 2024-07-26 11:36:55 +02:00
Quentin Gliech 76755610cb config: allow serving the admin API routes 2024-07-26 11:36:55 +02:00
Quentin Gliech f4f61f0d51 handlers: bootstrap the admin API router 2024-07-26 11:36:55 +02:00
Quentin Gliech a1b13288ab axum-utils: make the ErrorWrapper implement std::error::Error 2024-07-26 11:36:55 +02:00
Quentin Gliech 144de0deb2 storage: freeze the error type on BoxRepository 
This avoids having to deal with traits bounds everywhere. It also moves
the `boxed()` method to the PgRepository, because it was unnecessary to
keep it on the `Repository` trait
 2024-07-26 11:36:55 +02:00
Olivier 'reivilibre 48c4c34e88 Remove the server-side rendered account recovery 'finish' form 
Replace with the React frontend form
 2024-07-26 10:20:32 +01:00
Olivier 'reivilibre c83e052e7f graphql: use NoSuchRecoveryTicket when link is invalid 2024-07-26 10:20:32 +01:00
Quentin Gliech e937ea8fa8 Rework assets loading to fix splitting CSS chunks 2024-07-25 12:59:29 +02:00
Quentin Gliech ee9a01ef40 OTEL: remove custom Header{Injector,Extractor} implementations 2024-07-25 11:27:07 +02:00
Quentin Gliech d1b9a4980c Update opentelemetry to 0.24.0 2024-07-25 11:01:43 +02:00
dependabot[bot] 7dcb476e92 build(deps): bump psl from 2.1.50 to 2.1.55 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.50 to 2.1.55.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.50...v2.1.55)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-25 09:34:05 +02:00
dependabot[bot] 54b1b142df build(deps): bump serde_with from 3.8.3 to 3.9.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.8.3 to 3.9.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.3...v3.9.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-25 09:33:43 +02:00
dependabot[bot] f5b0c638ae build(deps): bump wiremock from 0.6.0 to 0.6.1 
Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.0 to 0.6.1.
- [Changelog](https://github.com/LukeMathWalker/wiremock-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.0...v0.6.1)

---
updated-dependencies:
- dependency-name: wiremock
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-24 23:52:24 +02:00
reivilibre 8147016735 graphql: Add a SetPasswordByRecovery mutation to perform account recovery (#2986) 2024-07-24 16:19:14 +01:00
dependabot[bot] dd0c8b1a7e build(deps): bump uuid from 1.9.1 to 1.10.0 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.9.1...1.10.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-24 17:02:27 +02:00
Quentin Gliech 6f2ab4f738 graphql: allow filtering of sessions by last activity 2024-07-19 13:40:27 +02:00
Quentin Gliech cef4645286 storage: add a filter by last active time on app sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech 62c2af5e6a storage: add a filter by last active time on OAuth 2.0 sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech 8bc1ef151f storage: add a filter by last active time on compatibility sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech c6b759c56d storage: add a filter by last active time on browser sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech f083ccf333 Add an index on the last_active_at column of the sessions tables 2024-07-19 13:40:27 +02:00
Quentin Gliech e89a818ff2 Use dynamic filters on app sessions by reusing the OAuth/compat sessions filters 2024-07-16 18:23:23 +02:00
Quentin Gliech 12d2f1f827 Add new filters on the OAuth and compat sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech c4e7cf1a27 Use dynamic filters on browser sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech aa992d31f8 Use dynamic filters on users 2024-07-16 18:23:23 +02:00
Quentin Gliech 76c033b76a Use dynamic filters on user emails 2024-07-16 18:23:23 +02:00
Quentin Gliech 112f673e22 Use dynamic filters on upstream OAuth 2.0 providers 2024-07-16 18:23:23 +02:00
Quentin Gliech 7c2c310cac Use dynamic filters on upstream OAuth 2.0 links 2024-07-16 18:23:23 +02:00
Quentin Gliech 7c54c5f2e6 Use dynamic filters on OAuth 2.0 sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech df7bc53826 Use dynamic filters on compatibility SSO logins 2024-07-16 18:23:23 +02:00
Quentin Gliech 15c2c740a7 Use dynamic filters on compatibility sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech 452024764a Add a trait to help building dynamic filters 2024-07-16 18:23:23 +02:00
reivilibre 1afd2a2906 Remove OPA-based password policy enforcement (#2875) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2024-07-16 14:33:04 +01:00
Quentin Gliech e47f26fde6 Update the query introspection data 2024-07-16 14:13:11 +02:00
Quentin Gliech 6db455412f Kill all sessions when deactivating a user 2024-07-16 14:13:11 +02:00
Quentin Gliech 857b76bb04 Make mas-cli manage kill-sessions finish sessions in bulk 2024-07-16 14:13:11 +02:00
Quentin Gliech dcaf65e6e7 Batch finish browser sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech 04b96b87b8 Batch finish OAuth 2.0 sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech f8d12cc305 Batch finish compatibility sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech fa32387ca5 Show whether the user is deactivated on the homeserver in the GraphQL API 
Fix #2375
 2024-07-16 13:20:28 +02:00
Quentin Gliech bac2db9884 GraphQL API to unlock a user 
Fixes #2101
 2024-07-16 13:20:28 +02:00
Quentin Gliech 0207495225 Add a way to reactivate users on the homeserver 2024-07-16 13:20:28 +02:00
Quentin Gliech 3eab10672f Add a lock during syncs of user devices 2024-07-16 09:32:07 +02:00
Quentin Gliech 695228ade4 Provision users on the fake homeserver in tests 
Because we now provision devices synchronously, we need to update the
tests so that the users exist on the fake homeserver.
 2024-07-16 09:32:07 +02:00
Quentin Gliech 35c06ac27b Deprecate the ProvisionDeviceJob and DeleteDeviceJob jobs 2024-07-16 09:32:07 +02:00
Quentin Gliech 037cf996a8 Provision the devices synchronously 
This means Synapse won't have to provision them on the fly anymore
 2024-07-16 09:32:07 +02:00
Quentin Gliech 11fd3b231a Don't hold the database connection for too long 2024-07-16 09:32:07 +02:00
Quentin Gliech bf276289b6 Fully sync the devices with the homeserver 2024-07-16 09:32:07 +02:00
reivilibre fbc360d1a9 Backend work to support minimum password complexity (#2965) 
* config: Add minimum password complexity option

* PasswordManager: add function for checking if complexity is sufficient

* Enforce password complexity on registration, change and recovery

* cli: Use exit code 1 for weak passwords

This seems preferable to exit code 0, but ideally we should choose one
and document it.

* Expose minimum password complexity score over GraphQL
 2024-07-11 10:17:39 +01:00