Commit Graph

1 Commits

Author SHA1 Message Date
Andrew Morgan
3719680ee4
Add ability to perform password reset via email without trusting the identity server ()
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.

This PR is a culmination of 3 smaller PRs which have each been separately reviewed:

* 
* 
* 
2019-06-06 17:34:07 +01:00