Richard van der Hoff
3413f1e284
Type annotations
...
Add some type annotations to help PyCharm (in particular) to figure out the
types of a bunch of things.
2016-07-19 18:56:16 +01:00
David Baker
b9e997f561
Merge pull request #931 from matrix-org/rav/refactor_register
...
rest/client/v2_alpha/register.py: Refactor flow somewhat.
2016-07-19 16:13:45 +01:00
Richard van der Hoff
8f6281ab0c
Don't bind email unless threepid contains expected fields
2016-07-19 15:50:01 +01:00
Richard van der Hoff
0da0d0a29d
rest/client/v2_alpha/register.py: Refactor flow somewhat.
...
This is meant to be an *almost* non-functional change, with the exception that
it fixes what looks a lot like a bug in that it only calls
`auth_handler.add_threepid` and `add_pusher` once instead of three times.
The idea is to move the generation of the `access_token` out of
`registration_handler.register`, because `access_token`s now require a
device_id, and we only want to generate a device_id once registration has been
successful.
2016-07-19 13:12:22 +01:00
Richard van der Hoff
f863a52cea
Add device_id support to /login
...
Add a 'devices' table to the storage, as well as a 'device_id' column to
refresh_tokens.
Allow the client to pass a device_id, and initial_device_display_name, to
/login. If login is successful, then register the device in the devices table
if it wasn't known already. If no device_id was supplied, make one up.
Associate the device_id with the access token and refresh token, so that we can
get at it again later. Ensure that the device_id is copied from the refresh
token to the access_token when the token is refreshed.
2016-07-18 16:39:44 +01:00
Richard van der Hoff
93efcb8526
Merge pull request #928 from matrix-org/rav/refactor_login
...
Refactor login flow
2016-07-18 16:12:35 +01:00
Richard van der Hoff
dcfd71aa4c
Refactor login flow
...
Make sure that we have the canonical user_id *before* calling
get_login_tuple_for_user_id.
Replace login_with_password with a method which just validates the password,
and have the caller call get_login_tuple_for_user_id. This brings the password
flow into line with the other flows, and will give us a place to register the
device_id if necessary.
2016-07-18 15:23:54 +01:00
Will Hunt
511a52afc8
Use body.get to check for 'user'
2016-07-16 18:44:08 +01:00
Will Hunt
e885e2a623
Fall back to 'username' if 'user' is not given for appservice reg.
2016-07-16 18:33:48 +01:00
Erik Johnston
a3036ac37e
Merge pull request #921 from matrix-org/erikj/account_deactivate
...
Feature: Add an /account/deactivate endpoint
2016-07-14 17:25:15 +01:00
Erik Johnston
209e04fa11
Merge pull request #918 from negzi/bugfix_for_token_expiry
...
Bug fix: expire invalid access tokens
2016-07-14 15:51:52 +01:00
Erik Johnston
848d3bf2e1
Add hs object
2016-07-14 10:25:52 +01:00
Erik Johnston
b55c770271
Only accept password auth
2016-07-14 10:00:38 +01:00
Erik Johnston
d543b72562
Add an /account/deactivate endpoint
2016-07-14 09:56:53 +01:00
Negar Fazeli
0136a522b1
Bug fix: expire invalid access tokens
2016-07-13 15:00:37 +02:00
David Baker
c55ad2e375
be more pythonic
2016-07-12 14:15:10 +01:00
David Baker
aaa9d9f0e1
on_OPTIONS isn't neccessary
2016-07-12 14:13:14 +01:00
David Baker
75fa7f6b3c
Remove other debug logging
2016-07-12 14:08:57 +01:00
David Baker
a5db0026ed
Separate out requestTokens to separate handlers
2016-07-11 09:57:07 +01:00
David Baker
9c491366c5
Oops, remove debug logging
2016-07-11 09:07:40 +01:00
David Baker
385aec4010
Implement https://github.com/matrix-org/matrix-doc/pull/346/files
2016-07-08 17:42:48 +01:00
Erik Johnston
67f2c901ea
Add rest servlet. Fix SQL.
2016-07-06 15:56:59 +01:00
Erik Johnston
a17e7caeb7
Merge branch 'erikj/shared_secret' into erikj/test2
2016-07-06 14:46:31 +01:00
Erik Johnston
76b18df3d9
Check that there are no null bytes in user and passsword
2016-07-06 11:17:53 +01:00
Erik Johnston
0da24cac8b
Add null separator to hmac
2016-07-06 11:05:16 +01:00
Erik Johnston
651faee698
Add an admin option to shared secret registration
2016-07-05 17:30:22 +01:00
Erik Johnston
caf33b2d9b
Protect password when registering using shared secret
2016-07-05 17:18:19 +01:00
Erik Johnston
2d21d43c34
Add purge_history API
2016-07-05 10:28:51 +01:00
Kent Shikama
bb069079bb
Fix style violations
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-04 22:07:11 +09:00
Kent Shikama
2e5a31f197
Use .get() instead of [] to access password_hash
2016-07-04 22:00:13 +09:00
Kent Shikama
fc8007dbec
Optionally include password hash in createUser endpoint
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-03 15:08:15 +09:00
Erik Johnston
f328d95cef
Feature: Add deactivate account admin API
...
Allows server admins to "deactivate" accounts, which:
- Revokes all access tokens
- Removes all threepids
- Removes password
The API is a POST to `/admin/deactivate/<user_id>`
2016-06-30 15:40:58 +01:00
Erik Johnston
a70688445d
Implement purge_media_cache admin API
2016-06-29 14:57:59 +01:00
Erik Johnston
95f305c35a
Remove redundant exception log in /events
2016-06-09 11:15:04 +01:00
Erik Johnston
690029d1a3
Don't make rooms visibile by default
2016-06-08 14:47:42 +01:00
Erik Johnston
efeabd3180
Log user that is making /publicRooms calls
2016-06-08 14:23:15 +01:00
Erik Johnston
6a0afa582a
Load push rules in storage layer, so that they get cached
2016-06-03 11:10:00 +01:00
David Baker
1f31cc37f8
Working unsubscribe links going straight to the HS
...
and authed by macaroons that let you delete pushers and nothing else
2016-06-02 17:21:31 +01:00
David Baker
3a3fb2f6f9
Merge branch 'dbkr/split_out_auth_handler' into dbkr/email_unsubscribe
2016-06-02 13:35:25 +01:00
David Baker
4a10510cd5
Split out the auth handler
2016-06-02 13:31:45 +01:00
David Baker
991af8b0d6
WIP on unsubscribing email notifs without logging in
2016-06-01 17:40:52 +01:00
David Baker
d240796ded
Basic, un-cached support for secondary_directory_servers
2016-05-31 17:20:07 +01:00
David Baker
887c6e6f05
Split out the room list handler
...
So I can use it from federation bits without pulling in all the handlers.
2016-05-31 11:05:16 +01:00
Kegan Dougal
332d7e9b97
Allow clients to specify a server_name to avoid 'No known servers'
...
Multiple server_names are supported via ?server_name=foo&server_name=bar
2016-05-19 13:50:52 +01:00
Mark Haines
0cb441fedd
Move typing handler out of the Handlers object
2016-05-17 15:58:46 +01:00
Mark Haines
f68eea808a
Move SyncHandler out of the Handlers object
2016-05-16 20:19:26 +01:00
Mark Haines
3b86ecfa79
Move the presence handler out of the Handlers object
2016-05-16 18:56:37 +01:00
Negi Fazeli
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
David Baker
997db04648
Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs
2016-05-10 14:40:19 +02:00
David Baker
c00b484eff
More consistent config naming
2016-05-10 14:39:16 +02:00