d16c6375fe
Limit displaynames and avatar URLs
...
These end up in join events everywhere, so let's limit them.
Fixes #5079
2019-06-01 10:44:36 +01:00
3787133c9e
Limit UserIds to a length that fits in a state key ( #5198 )
2019-05-20 11:20:08 +01:00
7a91b9d81c
Allow password providers to bind emails ( #4947 )
...
This PR allows password provider modules to bind email addresses when a user is registering and is motivated by matrix-org/matrix-synapse-ldap3#58
2019-03-28 15:48:07 +00:00
bbd244c7b2
Support 3PID login in password providers ( #4931 )
...
Adds a new method, check_3pid_auth, which gives password providers
the chance to allow authentication with third-party identifiers such
as email or msisdn.
2019-03-26 17:48:30 +00:00
88f0675967
fix test_auto_create_auto_join_where_no_consent ( #4886 )
2019-03-19 11:38:59 +00:00
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
6f3cde8b25
Make registration ratelimiter separate from the main events one
2019-03-06 11:02:42 +00:00
f4195f4118
Revert "Split ratelimiters in two (one for events, one for registration)"
...
This reverts commit d7dbad3526
2019-03-06 10:55:22 +00:00
d7dbad3526
Split ratelimiters in two (one for events, one for registration)
2019-03-05 18:41:27 +00:00
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
70ea2f4e1d
switch from google.com to recaptcha.net for reCAPTCHA ( #4731 )
...
* add trivial clarification about jemalloc
* switch from google.com to recaptcha.net
because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
2019-02-25 11:15:36 -08:00
dbdc565dfd
Fix registration on workers ( #4682 )
...
* Move RegistrationHandler init to HomeServer
* Move post registration actions to RegistrationHandler
* Add post regisration replication endpoint
* Newsfile
2019-02-20 18:47:31 +11:00
af691e415c
Move register_device into handler
2019-02-18 16:49:38 +00:00
eb2b8523ae
Split out registration to worker
...
This allows registration to be handled by a worker, though the actual
write to the database still happens on master.
Note: due to the in-memory session map all registration requests must be
handled by the same worker.
2019-02-18 12:12:57 +00:00
d2f7c4e6b1
create support user ( #4141 )
...
Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
2018-12-14 18:20:59 +00:00
30da50a5b8
Initialise user displayname from SAML2 data ( #4272 )
...
When we register a new user from SAML2 data, initialise their displayname
correctly.
2018-12-07 14:44:46 +01:00
b0c24a66ec
Rip out half-implemented m.login.saml2 support ( #4265 )
...
* Rip out half-implemented m.login.saml2 support
This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.
* drop undocumented dependency on dateutil
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
2018-12-06 19:44:38 +11:00
7039ece8fb
Neilj/fix autojoin ( #4223 )
...
* Fix auto join failures for servers that require user consent
* Fix auto join failures for servers that require user consent
2018-11-28 22:24:57 +11:00
4cd1c9f2ff
Delete the disused & unspecced identicon functionality ( #4106 )
2018-10-29 23:57:24 +11:00
7f7b2cd3de
Make room_member_handler a member of RoomCreationHandler
...
... to save passing it into `_send_events_for_new_room`
2018-10-25 19:10:18 +01:00
9532caf6ef
remove trailing whiter space
2018-10-24 16:08:25 +01:00
94a49e0636
fix tuple
...
Co-Authored-By: neilisfragile <neil@matrix.org>
2018-10-24 14:39:23 +01:00
a67d8ace9b
remove errant exception and style
2018-10-23 17:44:39 +01:00
c6584f4b5f
clean up config error logic and imports
2018-10-17 11:36:41 +01:00
1ccafb0c5e
no need to join room if creator
2018-10-13 21:14:21 +01:00
a2bfb778c8
improve auto room join logic, comments and tests
2018-10-12 18:17:36 +01:00
2dadc092b8
move logic into register, fix room alias localpart bug, tests
2018-10-04 17:00:27 +01:00
23b6a0537f
emit room aliases event
2018-09-29 02:19:37 +01:00
5b68f29f48
fix thinkos
2018-09-29 02:14:40 +01:00
8f646f2d04
fix UTs
2018-09-28 15:37:28 +01:00
07340cdaca
untested stab at autocreating autojoin rooms
2018-09-28 01:42:53 +01:00
d42d79e3c3
don't ratelimit autojoins
2018-09-15 22:27:41 +01:00
ea068d6f3c
fix bug where preserved threepid user comes to sign up and server is mau blocked
2018-08-31 10:49:14 +01:00
c74c71128d
remove blank line
2018-08-14 15:06:24 +01:00
99ebaed8e6
Update register.py
...
remove comments
2018-08-14 14:55:55 +01:00
f4b49152e2
support admin_email config and pass through into blocking errors, return AuthError in all cases
2018-08-13 21:09:47 +01:00
ce7de9ae6b
Revert "support admin_email config and pass through into blocking errors, return AuthError in all cases"
...
This reverts commit 0d43f991a1
2018-08-13 18:06:18 +01:00
0d43f991a1
support admin_email config and pass through into blocking errors, return AuthError in all cases
2018-08-13 18:00:23 +01:00
b37c472419
Rename async to async_helpers because `async` is a keyword on Python 3.7 ( #3678 )
2018-08-10 23:50:21 +10:00
e40a510fbf
py3 fix
2018-08-03 23:19:13 +01:00
886be75ad1
bug fixes
2018-08-03 22:29:03 +01:00
74b1d46ad9
do mau checks based on monthly_active_users table
2018-08-02 16:57:35 +01:00
085435e13a
Merge pull request #3630 from matrix-org/neilj/mau_sign_in_log_in_limits
...
Initial impl of capping MAU
2018-08-01 15:58:45 +00:00
da7785147d
Python 3: Convert some unicode/bytes uses ( #3569 )
2018-08-02 00:54:06 +10:00
7931393495
make count_monthly_users async synapse/handlers/auth.py
2018-08-01 10:21:56 +01:00
251e6c1210
limit register and sign in on number of monthly users
2018-07-30 15:55:57 +01:00
49af402019
run isort
2018-07-09 16:09:20 +10:00
a61738b316
Remove run_on_reactor ( #3395 )
2018-06-14 18:27:37 +10:00
fed62e21ad
Infrastructure for a server notices room
...
Server Notices use a special room which the user can't dismiss. They are
created on demand when some other bit of the code calls send_notice.
(This doesn't actually do much yet becuse we don't call send_notice anywhere)
2018-05-17 17:58:25 +01:00
6152e253d8
Merge branch 'develop' of into allow_auto_join_rooms
2018-03-28 14:45:28 +02:00
Richard van der Hoff