1a6932214f
Introduce optional human_name column on compat_sessions
2025-02-05 11:36:51 +01:00
463ba2ea50
Avoid unnecessary clones in the login_hint parser
2025-01-28 17:25:54 +01:00
0c26dd859a
Support compatibility sessions that do not have devices ( #3801 )
...
Co-authored-by: Quentin Gliech <quenting@element.io >
2025-01-27 14:50:31 +00:00
6092efe949
Merge branch 'main' into quenting/optional-email
2025-01-20 11:31:48 +01:00
21e2c36e89
Recognise macaroons as access tokens from Synapse ( #3797 )
2025-01-17 09:50:13 +00:00
dbb53160b6
Data model and storage layer for storing user registrations
2025-01-14 16:30:43 +01:00
0513f198d8
Rip out the email verification codes
...
This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow
2025-01-14 15:46:45 +01:00
75526ff0c4
storage: new email authentication codes
2025-01-13 17:00:30 +01:00
ee33e9c0fb
Remove the primary email address concept
2025-01-13 17:00:30 +01:00
af1282b510
Allow response_mode to be null and if so do not add the query param ( #3700 )
2024-12-18 18:18:39 +01:00
a97d2daa3d
Make the issue optional on upstream OAuth 2.0 providers
2024-12-17 13:40:34 +01:00
80903ed629
Add id_token_signed_response_alg and userinfo_signed_response_alg ( #3664 )
2024-12-17 11:54:16 +01:00
177a0f42bd
Allow revoking refresh tokens
...
This lets us track 'revoked' tokens separately from 'consumed' tokens.
2024-12-11 14:15:01 +01:00
23c73cf191
Record when access tokens are first used
2024-12-11 14:15:01 +01:00
56cb293fbb
Record the next refresh token ID when refreshing
...
This will help us determine whether we had a double-refresh happening
2024-12-11 14:15:01 +01:00
2e3b8bdd86
Allow setting an explicit upstream account name ( #3600 )
2024-11-29 12:30:18 +01:00
56edcb4e52
Add fetch_userinfo to upstream SSO provider ( #3363 )
2024-11-26 15:01:03 +00:00
98f13004bc
Record extra query parameters during upstream callback
...
And make them available in the templates.
This is useful to get the user display name for Sign-in with Apple
2024-11-22 08:48:00 +01:00
6efe8bf45a
Allow setting the response_mode on upstream OAuth 2.0 providers
2024-11-22 08:48:00 +01:00
ab4f438464
Support Sign in with Apple
2024-11-22 08:48:00 +01:00
00432ddba8
Remove mas-matrix dependency on mas-data-model
2024-11-18 11:42:43 +01:00
751b6f2259
Allow use of chrono::Utc::now in the tests
...
Clock cannot be used because of a circular dependency
2024-11-18 11:42:43 +01:00
80fbaaa41c
More format
...
For some reason my cargo disagrees with the use line
2024-11-18 11:42:43 +01:00
32eb5499b9
clippy 📎
2024-11-18 11:42:43 +01:00
edc4604a6c
cargo fmt
2024-11-18 11:42:43 +01:00
c017dd0840
Implement login_hint
2024-11-18 11:42:43 +01:00
63e6e98083
Remove most doctests
2024-10-29 12:37:59 +01:00
87f34522c8
Output the registered client metadata in the registration endpoint
...
Fixes #2848
2024-09-20 20:39:04 +02:00
21fb01d961
Remove contacts from the data model
2024-09-20 20:39:04 +02:00
ed4b6c42a7
Remove (C)
2024-09-10 14:28:55 +02:00
f6bb100c0a
License headers change
2024-09-05 13:25:42 +02:00
19d485a68b
admin: model definition for the OAuth 2.0 sessions
2024-08-07 17:41:18 +02:00
fbc360d1a9
Backend work to support minimum password complexity ( #2965 )
...
* config: Add minimum password complexity option
* PasswordManager: add function for checking if complexity is sufficient
* Enforce password complexity on registration, change and recovery
* cli: Use exit code 1 for weak passwords
This seems preferable to exit code 0, but ideally we should choose one
and document it.
* Expose minimum password complexity score over GraphQL
2024-07-11 10:17:39 +01:00
f9f2f4a3be
Gate account recovery behing a configuration flag
2024-06-28 15:59:21 +02:00
43582e7eca
Data model and repository for the user recovery flow
2024-06-28 15:59:21 +02:00
4d9d8a8ba3
Actually verify the CAPTCHA during registration
2024-05-15 09:38:10 +02:00
0e270d5449
hCaptcha support
2024-05-15 09:38:10 +02:00
f9ae7ae313
Cloudflare Turnstile support
2024-05-15 09:38:10 +02:00
a3beeb2398
Render reCAPTCHA challenge on the registration form
2024-05-15 09:38:10 +02:00
3978acd94e
Fix recently added Clippy lints
...
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
2024-05-07 07:32:02 +02:00
6db50f098d
Allow more characters in device IDs
2024-05-03 16:56:56 +02:00
10d7ca95ae
Update copyright headers
2024-04-30 13:33:47 +02:00
f0899f17bd
Move the SiteConfig to the data-model crate
2024-04-30 13:33:47 +02:00
1cb48b8026
Add a manage register-user utility to the CLI
2024-04-30 12:15:10 +02:00
cd0ec35d2f
Soft-delete upstream OAuth 2.0 providers on config sync
2024-04-03 09:51:22 +02:00
4e3823fe4f
Add a soft-deletion column on upstream OAuth 2.0 providers
2024-04-03 09:51:22 +02:00
70d688913f
Add Electron user-agent parsing for Element Desktop/Nightly ( #2461 )
2024-03-18 18:42:31 +01:00
61a69f5af4
Upgrade chrono and replace deprecated methods usage
2024-03-18 17:26:40 +01:00
1821136e3f
Additional parameters from upstream OAuth2 providers in the data model
2024-03-01 14:36:37 +01:00
f3cbd3b315
Parse User Agents on the backend side ( #2388 )
...
* Parse user agents on the server side
* Parse and expose user agents on the backend
* Use the parsed user agent in the device consent page
* Fix the device icon tests
* Fix clippy warnings
* Box stuff to avoid large enum variants
* Ignore a clippy warning
* Fix the requester boxing
2024-02-23 16:47:48 +01:00
Olivier 'reivilibre