2e3b8bdd86
Allow setting an explicit upstream account name ( #3600 )
2024-11-29 12:30:18 +01:00
2c01b439bd
Make the id_token optional on upstream OAuth 2.0 providers
...
This makes it possible to use non-OIDC providers as upstream OAuth 2.0 providers, like GitHub.
2024-11-29 10:31:50 +01:00
24be677a06
Concatenate arrays in the config when loading multiple files
2024-11-28 17:03:42 +01:00
56edcb4e52
Add fetch_userinfo to upstream SSO provider ( #3363 )
2024-11-26 15:01:03 +00:00
6efe8bf45a
Allow setting the response_mode on upstream OAuth 2.0 providers
2024-11-22 08:48:00 +01:00
ab4f438464
Support Sign in with Apple
2024-11-22 08:48:00 +01:00
14948c35cb
Replace all the manual HTTP clients with reqwest
2024-10-28 13:46:38 +01:00
b3b9a872d6
Replace HTTP client in oidc-client with reqwest
2024-10-28 13:46:38 +01:00
b137470609
Better error when the email addresses in the config are invalid
2024-10-22 16:19:43 +02:00
63e039d8f5
Add a CLI tool to add an email address to a user
2024-10-22 16:19:26 +02:00
685b27d594
Use CancellationToken and a TaskTracker to handle graceful shutdowns
2024-10-10 10:49:41 +02:00
847ccf8bb4
Move the remaining mentions of matrix-org to element-hq
2024-09-10 14:28:55 +02:00
ed4b6c42a7
Remove (C)
2024-09-10 14:28:55 +02:00
f6bb100c0a
License headers change
2024-09-05 13:25:42 +02:00
244f8f5e5e
Add configuration for rate-limiting of logins, replacing hardcoded limits ( #3090 )
2024-08-07 18:36:02 +01:00
1bdad262cd
Disallow OAuth 2.0 use of the GraphQL API by default
2024-08-07 18:09:51 +02:00
49826c1aa4
Make the optional configuration sections really optional
2024-08-01 15:00:16 +02:00
8b3451d66f
Move the account-related options out of experimental
2024-08-01 14:50:21 +02:00
4a275fa4b9
Call retain_recent periodically on rate limiters
2024-07-26 13:56:45 +02:00
e25c170403
Rate-limit password-based login attempts
2024-07-26 13:56:45 +02:00
76755610cb
config: allow serving the admin API routes
2024-07-26 11:36:55 +02:00
144de0deb2
storage: freeze the error type on BoxRepository
...
This avoids having to deal with traits bounds everywhere. It also moves
the `boxed()` method to the PgRepository, because it was unnecessary to
keep it on the `Repository` trait
2024-07-26 11:36:55 +02:00
ee9a01ef40
OTEL: remove custom Header{Injector,Extractor} implementations
2024-07-25 11:27:07 +02:00
d1b9a4980c
Update opentelemetry to 0.24.0
2024-07-25 11:01:43 +02:00
1afd2a2906
Remove OPA-based password policy enforcement ( #2875 )
...
Co-authored-by: Quentin Gliech <quenting@element.io >
2024-07-16 14:33:04 +01:00
857b76bb04
Make mas-cli manage kill-sessions finish sessions in bulk
2024-07-16 14:13:11 +02:00
0207495225
Add a way to reactivate users on the homeserver
2024-07-16 13:20:28 +02:00
bf276289b6
Fully sync the devices with the homeserver
2024-07-16 09:32:07 +02:00
fbc360d1a9
Backend work to support minimum password complexity ( #2965 )
...
* config: Add minimum password complexity option
* PasswordManager: add function for checking if complexity is sufficient
* Enforce password complexity on registration, change and recovery
* cli: Use exit code 1 for weak passwords
This seems preferable to exit code 0, but ideally we should choose one
and document it.
* Expose minimum password complexity score over GraphQL
2024-07-11 10:17:39 +01:00
798ca90241
Fix mas-cli
...
This does a few things:
- move `bytes` to workspace dependencies
- write an hyper-based transport for Sentry
- ignore OTEL errors related to propagations
- fix everything else in mas-cli
2024-07-05 10:07:40 +02:00
2e63e3da71
Write an adapter for opentelemetry-http
2024-07-05 10:07:40 +02:00
edb01f1e98
Box the CLI command futures to reduce the size of the try_main future
2024-07-05 09:54:18 +02:00
eff66726d5
New config options to set the database certificates
2024-07-05 09:54:18 +02:00
c37fcfd786
Bump the other opentelemetry crates
2024-06-28 17:22:02 +02:00
f9f2f4a3be
Gate account recovery behing a configuration flag
2024-06-28 15:59:21 +02:00
c156a3891e
Actually send emails for recovery
2024-06-28 15:59:21 +02:00
d76b54b13f
Add a setPassword GraphQL mutation for setting a user's password ( #2820 )
...
* Feed `PasswordManager` through to the GraphQL `State`
* Add `setPassword` GraphQL mutation to update a user's password
2024-06-05 18:04:17 +01:00
206d45bb31
Merge the mas_graphql crate into the mas_handlers crate ( #2783 )
2024-05-17 17:22:34 +01:00
d20b0a04fe
'migration' -> 'database migration' in startup output
2024-05-16 16:39:57 +02:00
f8bfad37a1
Fix typos in doctor command output
2024-05-16 16:39:57 +02:00
0e270d5449
hCaptcha support
2024-05-15 09:38:10 +02:00
f9ae7ae313
Cloudflare Turnstile support
2024-05-15 09:38:10 +02:00
a3beeb2398
Render reCAPTCHA challenge on the registration form
2024-05-15 09:38:10 +02:00
3978acd94e
Fix recently added Clippy lints
...
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
2024-05-07 07:32:02 +02:00
10d7ca95ae
Update copyright headers
2024-04-30 13:33:47 +02:00
e080932906
Make the SiteConfig available in the GraphQL context
2024-04-30 13:33:47 +02:00
aa2e2229bc
Finish moving the site config
2024-04-30 13:33:47 +02:00
f0899f17bd
Move the SiteConfig to the data-model crate
2024-04-30 13:33:47 +02:00
90080235da
Introduce config to restrict user capabilities
2024-04-30 13:33:47 +02:00
4d1b6aeded
Prompt for all parameters interactively
2024-04-30 12:15:10 +02:00
Quentin Gliech