David Baker
3f8db3d597
Add specific error code for invalid user names.
2016-01-14 17:21:04 +00:00
David Baker
09dc9854cd
comma style
2016-01-06 17:44:10 +00:00
David Baker
c79f221192
Add is_guest flag to users db to track whether a user is a guest user or not. Use this so we can run _filter_events_for_client when calculating event_push_actions.
2016-01-06 11:38:09 +00:00
Daniel Wagner-Hall
cfd07aafff
Allow guests to upgrade their accounts
2016-01-05 18:01:18 +00:00
Matthew Hodgson
c8ea2d5b1f
Merge pull request #450 from matrix-org/matthew/no-identicons
...
Matthew/no identicons
2015-12-18 18:14:06 +00:00
David Baker
ce4999268a
Fix typo that broke registration on the mobile clients
2015-12-18 10:07:28 +00:00
Matthew Hodgson
64374bda5b
fix indentation level
2015-12-17 23:04:53 +00:00
Matthew Hodgson
772ad4f715
stop generating default identicons. reverts most of 582019f870
and solves vector-web/vector-im#346
2015-12-17 23:04:20 +00:00
Mark Haines
478b4e3ed4
Reuse the captcha client rather than creating a new one for each request
2015-12-03 13:48:55 +00:00
Mark Haines
a9526831a4
Wrap calls to distributor.fire in appropriately named functions so that static analysis can work out want is calling what
2015-12-01 20:53:04 +00:00
Daniel Wagner-Hall
f522f50a08
Allow guests to register and call /events?room_id=
...
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
Daniel Wagner-Hall
86fac9c95e
Remove unused import
2015-08-26 16:03:17 +01:00
Daniel Wagner-Hall
3063383547
Swap out bcrypt for md5 in tests
...
This reduces our ~8 second sequential test time down to ~7 seconds
2015-08-26 15:59:32 +01:00
Daniel Wagner-Hall
d3c0e48859
Merge erikj/user_dedup to develop
2015-08-26 13:42:45 +01:00
Daniel Wagner-Hall
617501dd2a
Move token generation to auth handler
...
I prefer the auth handler to worry about all auth, and register to call
into it as needed, than to smatter auth logic between the two.
2015-08-20 11:35:56 +01:00
Daniel Wagner-Hall
70e265e695
Re-add whitespace around caveat operators
2015-08-19 14:30:31 +01:00
Daniel Wagner-Hall
ce832c38d4
Remove padding space around caveat operators
2015-08-18 17:39:26 +01:00
Daniel Wagner-Hall
3e6fdfda00
Fix some formatting to use tuples
2015-08-18 15:18:50 +01:00
Daniel Wagner-Hall
2d3462714e
Issue macaroons as opaque auth tokens
...
This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.
In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.
Follow-up commits will actually enforce the expiration, and allow for
token refresh.
See https://bit.ly/matrix-auth for more information
2015-08-18 14:22:02 +01:00
Daniel Wagner-Hall
415c2f0549
Simplify LoginHander and AuthHandler
...
* Merge LoginHandler -> AuthHandler
* Add a bunch of documentation
* Improve some naming
* Remove unused branches
I will start merging the actual logic of the two handlers shortly
2015-08-12 15:49:37 +01:00
Kegan Dougal
a4d62ba36a
Fix v2_alpha registration. Add unit tests.
...
V2 Registration forced everyone (including ASes) to create a password for a
user, when ASes should be able to omit passwords. Also unbreak AS registration
in general which checked too early if the given username was claimed by an AS;
it was checked before knowing if the AS was the one doing the registration! Add
unit tests for AS reg, user reg and disabled_registration flag.
2015-07-28 17:34:12 +01:00
Muthu Subramanian
f53bae0c19
code beautify
2015-07-08 16:05:46 +05:30
Muthu Subramanian
81682d0f82
Integrate SAML2 basic authentication - uses pysaml2
2015-07-08 15:36:54 +05:30
Mark Haines
dfa98f911b
revert accidental bcrypt gensalt round reduction from loadtesting
2015-05-07 17:45:42 +01:00
Mark Haines
ef8e8ebd91
pynacl-0.3.0 was released so we can finally start using it directly from pypi
2015-05-07 16:46:51 +01:00
David Baker
4eea5cf6c2
pep8
2015-04-17 16:46:45 +01:00
David Baker
83b554437e
Need to yield the username check, otherwise very very weird things happen.
2015-04-17 12:57:25 +01:00
David Baker
4cd5fb13a3
Oops, left debugging in.
2015-04-16 20:03:13 +01:00
David Baker
ea1776f556
Return user ID in use error straight away
2015-04-16 19:56:44 +01:00
David Baker
a19b739909
Regstration with email in v2
2015-04-15 15:50:38 +01:00
David Baker
59bf16eddc
New registration for C/S API v2. Only ReCAPTCHA working currently.
2015-03-30 18:13:10 +01:00
Erik Johnston
f88db7ac0b
Factor out user id validation checks
2015-03-18 11:34:18 +00:00
Kegan Dougal
58ff066064
Implement exclusive namespace checks.
2015-02-27 13:51:41 +00:00
Kegan Dougal
9978c5c103
Merge branch 'develop' into application-services
2015-02-11 10:03:24 +00:00
Mark Haines
b085fac735
Code-style fixes
2015-02-10 16:30:48 +00:00
Kegan Dougal
53557fc532
Merge branch 'develop' into application-services
2015-02-09 15:20:56 +00:00
Matthew Hodgson
37b6b880ef
don't give up if we can't create default avatars during tests
2015-02-07 21:24:08 +00:00
Matthew Hodgson
582019f870
...and here's the actual impl. git fail.
2015-02-07 13:32:14 +00:00
Kegan Dougal
73a680b2a8
Add errcodes for appservice registrations.
2015-02-06 17:10:04 +00:00
Kegan Dougal
0227618d3c
Add m.login.application_service registration procedure.
...
This allows known application services to register any user ID under their
own user namespace(s).
2015-02-05 17:29:27 +00:00
Kegan Dougal
cab4c73088
Prevent user IDs in AS namespaces being created/deleted by humans.
2015-02-05 16:46:56 +00:00
Kegan Dougal
96d4bf9012
Modify API for SimpleHttpClient.get_json and update usages.
...
Previously, this would only return the HTTP body as JSON, and discard other
response information (e.g. the HTTP response code). This has now been changed
to throw a CodeMessageException on a non-2xx response, with the response code
and body, which can then be parsed as JSON.
Affected modules include:
- Registration/Login (when using an email for IS auth)
2015-02-04 17:07:31 +00:00
David Baker
e32ded7b3e
Add matrix.org as a trusted ID server because it's now passed through on ports 80/443 and the web client defaults to that now. Fixes email validation (including signing up with an email address).
2015-01-28 10:09:54 +00:00
Mark Haines
adb04b1e57
Update copyright notices
2015-01-06 13:21:39 +00:00
Erik Johnston
a295a3c691
Fix registration
2014-12-08 09:24:37 +00:00
Mark Haines
610c2ea131
Fix pep8 and pyflakes warnings
2014-11-20 18:00:10 +00:00
David Baker
f1c7f8e813
Merge branch 'develop' into http_client_refactor
2014-11-20 17:49:48 +00:00
David Baker
e377d33652
Separate out the matrix http client completely because just about all of its code it now separate from the simple case we need for standard HTTP(S)
2014-11-20 17:41:56 +00:00
Mark Haines
32090aee16
Add a few missing yields, Move deferred lists inside PreserveLoggingContext because they don't interact well with the logging contexts
2014-11-20 16:24:00 +00:00
David Baker
20326054da
Oops, I removed this param.
2014-11-20 15:24:38 +00:00