Amber Brown
f40a7dc41f
Make the http server handle coroutine-making REST servlets ( #5475 )
2019-06-29 17:06:55 +10:00
PauRE
856ea04eb3
Fix JWT login ( #5555 )
...
* Fix JWT login with register
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Add pyjwt conditional dependency
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Added changelog file
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* Improved changelog description
Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
2019-06-27 12:02:41 +01:00
Brendan Abolivier
bfe84e051e
Split public rooms directory auth config in two
2019-06-24 15:42:31 +01:00
Amber Brown
32e7c9e7f2
Run Black. ( #5482 )
2019-06-20 19:32:02 +10:00
Erik Johnston
e9344e0dee
Merge pull request #5390 from matrix-org/erikj/dont_log_on_fail_to_get_file
...
Don't log exception when failing to fetch remote content.
2019-06-14 14:25:14 +01:00
Erik Johnston
7e68691ce9
Merge branch 'master' of github.com:matrix-org/synapse into develop
2019-06-11 17:25:16 +01:00
Erik Johnston
10383e6e6f
Change password reset links to /_matrix.
2019-06-11 11:34:33 +01:00
Andrew Morgan
2ddc13577c
Don't warn user about password reset disabling through config code ( #5387 )
...
Moves the warning about password resets being disabled to the point where a user actually tries to reset their password. Is this an appropriate place for it to happen?
Also removed the disabling of msisdn password resets when you don't have an email config, as that just doesn't make sense.
Also change the error a user receives upon disabled passwords to specify that only email-based password reset is disabled.
2019-06-11 00:25:07 +01:00
Brendan Abolivier
26b62796c2
Merge pull request #5363 from matrix-org/babolivier/account_validity_send_mail_auth
...
Don't check whether the user's account is expired on /send_mail requests
2019-06-10 11:57:02 +01:00
Erik Johnston
95d38afe96
Don't log exception when failing to fetch remote content.
...
In particular, let's not log stack traces when we stop processing
becuase the response body was too large.
2019-06-07 12:39:10 +01:00
Andrew Morgan
3719680ee4
Add ability to perform password reset via email without trusting the identity server ( #5377 )
...
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.
This PR is a culmination of 3 smaller PRs which have each been separately reviewed:
* #5308
* #5345
* #5368
2019-06-06 17:34:07 +01:00
Brendan Abolivier
fe13bd52ac
Don't check whether the user's account is expired on /send_mail requests
2019-06-05 16:35:05 +01:00
Neil Johnson
94f6c674df
Neilj/add r0.5 to versions ( #5360 )
...
* Update _matrix/client/versions to reference support for r0.5.0
2019-06-05 16:11:31 +01:00
Richard van der Hoff
cb683d3e3c
Merge pull request #5333 from matrix-org/rav/server_keys/09_improve_notary_server
...
Fixes for the key-notary server
2019-06-04 11:48:18 +01:00
Amber Brown
b2b90b7d34
Hawkowl/fix missing auth ( #5328 )
2019-06-04 15:54:27 +10:00
Richard van der Hoff
c5d60eadd5
Notary server: make requests to origins in parallel
...
... else we're guaranteed to time out.
2019-06-04 00:16:56 +01:00
Amber Brown
2889b05554
Unify v1 and v2 REST client APIs ( #5226 )
2019-06-03 21:28:59 +10:00
Eisha Chen-yen-su
8824325b82
Fix ignored filter field in /messages
endpoint
...
This fixes a bug which were causing the "event_format" field to be
ignored in the filter of requests to the `/messages` endpoint of the
CS API.
Signed-off-by: Eisha Chen-yen-su <chenyensu0@gmail.com>
2019-05-30 16:58:53 +02:00
Erik Johnston
45f5d8f3fd
Merge pull request #5256 from aaronraimist/logout-correct-error
...
Show correct error when logging out and access token is missing
2019-05-30 13:33:44 +01:00
Aaron Raimist
123918b739
Lint
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-29 14:44:28 -05:00
Amber Brown
46c8f7a517
Implement the SHHS complexity API ( #5216 )
2019-05-30 01:47:16 +10:00
Amber Brown
532b825ed9
Serve CAS login over r0 ( #5286 )
2019-05-30 00:55:18 +10:00
Aaron Raimist
30858ff461
Fix error when downloading thumbnail with width/height param missing ( #5258 )
...
Fix error when downloading thumbnail with width/height param missing
Fixes #2748
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-29 14:27:41 +01:00
Aaron Raimist
119c9c10b0
Get rid of try except
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-27 00:13:56 -05:00
Aaron Raimist
56f07d980a
Show correct error when logging out and access token is missing
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-24 16:32:27 -05:00
Erik Johnston
d16f5574b6
Merge pull request #5220 from matrix-org/erikj/dont_bundle_live_events
...
Don't bundle aggregations with events in /sync or /events or state queries
2019-05-24 10:36:31 +01:00
Erik Johnston
8c41c04ee4
Merge pull request #5244 from matrix-org/rav/server_keys/00-factor-out-fetchers
...
Factor out KeyFetchers from KeyRing
2019-05-23 16:28:51 +01:00
Andrew Morgan
6368150a74
Add config option for setting homeserver's default room version ( #5223 )
...
Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present.
That hardcoded value is now located in the server.py config file.
2019-05-23 15:00:20 +01:00
Richard van der Hoff
ec24108cc2
Fix remote_key_resource
2019-05-23 14:52:13 +01:00
Erik Johnston
de7672b78f
Don't bundle events in /sync or /events
...
As we'll send down the annotations too anyway, so this just ends up
confusing clients.
2019-05-21 13:54:09 +01:00
Erik Johnston
57ba3451b6
Merge pull request #5209 from matrix-org/erikj/reactions_base
...
Land basic reaction and edit support.
2019-05-20 14:06:40 +01:00
PauRE
f89f688a55
Fix image orientation when generating thumbnail ( #5039 )
2019-05-16 19:04:26 +01:00
David Baker
07cff7b121
Merge pull request #5174 from matrix-org/dbkr/add_dummy_flow_to_recaptcha_only
...
Re-order registration stages to do msisdn & email auth last
2019-05-16 17:27:39 +01:00
Erik Johnston
7a7eba8302
Move parsing of tokens out of storage layer
2019-05-16 14:26:23 +01:00
Erik Johnston
95f3fcda3c
Check that event is visible in new APIs
2019-05-16 14:19:06 +01:00
David Baker
fafb936de5
Merge pull request #5187 from matrix-org/dbkr/only_check_threepid_not_in_use_if_actually_registering
...
Only check 3pids not in use when registering
2019-05-16 10:58:09 +01:00
Erik Johnston
a0603523d2
Add aggregations API
2019-05-16 09:37:20 +01:00
Amber Brown
f1e5b41388
Make all the rate limiting options more consistent ( #5181 )
2019-05-15 12:06:04 -05:00
Richard van der Hoff
5f027a315f
Drop support for v2_alpha API prefix ( #5190 )
2019-05-15 17:37:46 +01:00
Erik Johnston
e6459c26b4
Actually implement idempotency
2019-05-15 17:28:33 +01:00
Erik Johnston
b50641e357
Add simple pagination API
2019-05-15 13:36:51 +01:00
Erik Johnston
efe3c7977a
Add simple send_relation API and track in DB
2019-05-15 13:36:51 +01:00
David Baker
6ca88c4693
Only check 3pids not in use when registering
...
We checked that 3pids were not already in use before we checked if
we were going to return the account previously registered in the
same UI auth session, in which case the 3pids will definitely
be in use.
https://github.com/vector-im/riot-web/issues/9586
2019-05-14 19:04:59 +01:00
Erik Johnston
a80e6b53f9
Newsfile
2019-05-14 13:12:23 +01:00
Erik Johnston
b54b03f9e1
Allow client event serialization to be async
2019-05-14 11:58:01 +01:00
Amber Brown
df2ebd75d3
Migrate all tests to use the dict-based config format instead of hanging items off HomeserverConfig ( #5171 )
2019-05-13 15:01:14 -05:00
David Baker
9e99143c47
Merge remote-tracking branch 'origin/develop' into dbkr/add_dummy_flow_to_recaptcha_only
2019-05-13 15:37:03 +01:00
Andrew Morgan
2f48c4e1ae
URL preview blacklisting fixes ( #5155 )
...
Prevents a SynapseError being raised inside of a IResolutionReceiver and instead opts to just return 0 results. This thus means that we have to lump a failed lookup and a blacklisted lookup together with the same error message, but the substitute should be generic enough to cover both cases.
2019-05-10 10:32:44 -07:00
David Baker
04299132af
Re-order flows so that email auth is done last
...
It's more natural for the user if the bit that takes them away
from the registration flow comes last. Adding the dummy stage allows
us to do the stages in this order without the ambiguity.
2019-05-10 13:58:03 +01:00
David Baker
9c61dce3c8
Comment
2019-05-10 11:14:55 +01:00