dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-05-21 04:55:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,062 Commits 84 Branches 88 Tags
2f94de202cc00450b49a41d9f97040f069955686
Commit Graph

109 Commits

Author SHA1 Message Date
Olivier 'reivilibre 7d5e9b863d Revoke personal sessions on user deactivation 2025-10-22 11:27:10 +01:00
Olivier 'reivilibre 98c765cf6b storage: include PATs alongside personal sessions 2025-10-20 14:33:30 +01:00
Olivier 'reivilibre 6aa483a1f8 Sync devices from personal sessions 2025-10-07 19:54:59 +01:00
Quentin Gliech ad7fedf6ff Adapt most code to use the new edges and cursors 2025-09-29 15:08:46 +02:00
Quentin Gliech 6a1d67f452 Merge remote-tracking branch 'origin/main' into feat/login_hint_with_email 2025-08-18 16:43:00 +02:00
Quentin Gliech 6a2492e70b Fix a few clippy lints, mostly in doc comments 2025-08-18 10:34:28 +02:00
mcalinghee c314802fcd move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model 2025-07-31 11:17:33 +02:00
Quentin Gliech ea873577aa Fix many clippy warnings 
This is because the tracing-attributes update made clippy look at those
again. I've removed the `too_many_lines` lint, as it's not really useful
and we ignore it most of the time anyway.
 2025-07-30 14:49:38 +02:00
Quentin Gliech d06f7c27d2 Handle device syncs for many devices more quickly (#4815) 2025-07-23 17:40:28 +02:00
Quentin Gliech 44c24e362c Handle device syncs for many devices more quickly 2025-07-23 17:37:25 +02:00
Quentin Gliech 70aba2a086 Fix the user deactivation/reactivation jobs 
Those got broken when we switched to using localparts in the
HomeserverConnection in #4801
 2025-07-23 10:38:27 +02:00
Quentin Gliech 8af1b7a3fa Take the localpart instead of the MXID in HomeserverConnection methods 2025-07-18 16:39:24 +02:00
Andrew Ferrazzutti d807975137 Decouple (un)locking from (re/de)activation 
Unify the admin API, CLI, and GraphQL API in not having the unlock
command also reactivate, or the deactivate command also lock.

Still let the unlock command of the CLI and GraphQL API to also
reactivate the target user, albeit as a non-default option.
 2025-07-16 14:17:01 -04:00
Andrew Ferrazzutti eca22d335b Format 2025-07-16 14:17:01 -04:00
Andrew Ferrazzutti 6c1afee13d Separate active state from lock state in admin API 
- Allow the admin API to deactivate a user without locking it, and to
  unlock a user without reactivating it.
- Make unlock-and-reactivate flows unset the "deactivated_at" timestamp.
- Revert adding an "unlock" parameter on `ReactivateUserJob`, as the
  option is used only by the admin API which doesn't use a job.
 2025-07-16 14:17:01 -04:00
Andrew Ferrazzutti a8b8c8e31c Add admin API endpoint to reactivate user 2025-07-16 14:17:01 -04:00
Quentin Gliech e66782207b Ignore clippy lint 2025-07-09 18:04:45 +02:00
Quentin Gliech 388bfc25c2 Test helper to run all tests in the job queue 2025-07-09 17:26:09 +02:00
Quentin Gliech 45f15e15d0 Allow setting a custom clock on the QueueWorker & add one to the 
TestState
 2025-07-09 17:24:04 +02:00
Quentin Gliech f69855e21e Remove the duplicate clock and rng in QueueWorker 
Use the ones in the inner State instead
 2025-07-09 17:22:13 +02:00
Quentin Gliech 4227341857 Make the task State::clock() return a &dyn Clock instead of a BoxClock 2025-07-09 17:20:03 +02:00
Quentin Gliech 3d96dc9d47 Update license headers to match the actual license 2025-06-12 10:32:16 +02:00
Quentin Gliech 345f6f2c3a Use the new RepositoryFactory everywhere 2025-05-07 17:27:59 +02:00
Quentin Gliech 2a99af6349 perf: avoid unnecessary clones of the log context 2025-04-24 14:19:26 +02:00
Quentin Gliech 76adf18b2e tasks: don't rely on #[instrument(err)] for logging errors 2025-04-18 09:59:31 +02:00
Quentin Gliech 9aa94859d6 Record the job result from within the job LogContext 
This means we can log stats about the job when it finishes, and its
status will have the right log context attached to it.
 2025-04-18 09:59:30 +02:00
Quentin Gliech 2b4eaf55b0 Add context to some log messages 2025-04-18 09:58:48 +02:00
Quentin Gliech bfc92f5f28 Create a few basic logging contexts 2025-04-16 16:07:29 +02:00
Quentin Gliech e776d652d9 Fix Clippy lints introduced by Rust 1.86 2025-04-06 16:18:27 +02:00
Quentin Gliech 6a37fdfe30 Merge branch 'main' into quenting/dynamic-policy-data 2025-03-14 10:16:16 +01:00
Quentin Gliech 8581ca19ef Prune stale policy data once a day 2025-03-13 13:40:59 +01:00
Quentin Gliech 93b991ec95 Mark the user as deactivated in the user deactivation job 2025-03-11 17:35:13 +01:00
Quentin Gliech 4e2f38ea41 Remove user emails when deactivating a user 2025-03-11 17:35:12 +01:00
Quentin Gliech 79cef5ebe0 Adjust the jobs retry delays and number of attempts 2025-03-07 15:01:08 +01:00
Quentin Gliech f484896f16 Remove generic error type & always use an Arc on the HS connection 
This should help us write other implementations of HomeserverConnection
 2025-03-03 15:43:13 +01:00
Quentin Gliech 3d2b67a0b2 Upgrade to Rust 1.85 and edition 2024 2025-02-21 16:15:02 +01:00
Quentin Gliech 9504174812 Only expire sessions from dynamic clients 2025-02-12 17:31:21 +01:00
Quentin Gliech 935400d87b Experimental feature to timeout inactive sessions 2025-02-12 17:31:21 +01:00
Quentin Gliech 2ae36b4a84 Setup job to expire inactive browser sessions 2025-02-12 14:03:41 +01:00
Quentin Gliech 4353185802 Setup a job to expire compatibility sessions 2025-02-12 13:57:36 +01:00
Quentin Gliech 34f7e49a54 Setup a job to expire OAuth 2.0 sessions 2025-02-12 13:47:48 +01:00
reivilibre 0c26dd859a Support compatibility sessions that do not have devices (#3801) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-01-27 14:50:31 +00:00
Quentin Gliech 0bedaf3745 Make the password registration create a user_registration 2025-01-14 16:30:44 +01:00
Quentin Gliech 5f5fc44fbd Job to send the new email authentication codes 2025-01-14 15:47:17 +01:00
Quentin Gliech 0513f198d8 Rip out the email verification codes 
This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow
 2025-01-14 15:46:45 +01:00
Quentin Gliech 88fb4ed025 Shutdown the server if any of the tasks crashes (#3672) 2024-12-17 09:11:08 +00:00
Quentin Gliech c6e85edfc1 Add metrics to the job queue 
This adds:

 - a histogram of the time it takes to process a job for each queue,
   with the status of the job (success, failure, etc.)
 - a histogram which records the time it takes to do a "tick", fetch jobs
 - a counter of the number of jobs currently in-flight for each queue
 - a counter which tracks the reasons why the worker got worken up
 2024-12-16 14:57:17 +01:00
Quentin Gliech 0360427adf Cleanup revoked tokens instead of expired ones 
If we continue deleting expired tokens, we might not record whether the
token was used or not, and not know what to do in case of
a double-refresh.

Revoked tokens are safe to delete.

This also reduces the frequency of the cleanup job to once an hour.
 2024-12-11 14:15:01 +01:00
Quentin Gliech 2345685b92 Remove the schedule_expression from the database & other fixes 2024-12-06 16:24:26 +01:00
Quentin Gliech 186860b10f Cron-like recurring jobs 2024-12-06 16:24:26 +01:00