86a00e05e1 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'develop' of github.com:matrix-org/synapse into neilj/fix_off_by_1+maus  
							
							
							
						 
						
							2018-08-15 16:27:08 +01:00  
				
					
						
							
							
								 
						
							
							
								fef2e65d12 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #3667  from matrix-org/erikj/fixup_unbind  
							
							... 
							
							
							
							Don't fail requests to unbind 3pids for non supporting ID servers 
							
						 
						
							2018-08-15 10:32:12 +01:00  
				
					
						
							
							
								 
						
							
							
								ed4bc3d2fc 
								
							
								 
							
						 
						
							
							
								
								fix off by 1s on mau  
							
							
							
						 
						
							2018-08-14 15:04:48 +01:00  
				
					
						
							
							
								 
						
							
							
								360ba89c50 
								
							
								 
							
						 
						
							
							
								
								Don't fail requests to unbind 3pids for non supporting ID servers  
							
							... 
							
							
							
							Older identity servers may not support the unbind 3pid request, so we
shouldn't fail the requests if we received one of 400/404/501. The
request still fails if we receive e.g. 500 responses, allowing clients
to retry requests on transient identity server errors that otherwise do
support the API.
Fixes  #3661  
							
						 
						
							2018-08-08 12:06:18 +01:00  
				
					
						
							
							
								 
						
							
							
								886be75ad1 
								
							
								 
							
						 
						
							
							
								
								bug fixes  
							
							
							
						 
						
							2018-08-03 22:29:03 +01:00  
				
					
						
							
							
								 
						
							
							
								74b1d46ad9 
								
							
								 
							
						 
						
							
							
								
								do mau checks based on monthly_active_users table  
							
							
							
						 
						
							2018-08-02 16:57:35 +01:00  
				
					
						
							
							
								 
						
							
							
								085435e13a 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #3630  from matrix-org/neilj/mau_sign_in_log_in_limits  
							
							... 
							
							
							
							Initial impl of capping MAU 
							
						 
						
							2018-08-01 15:58:45 +00:00  
				
					
						
							
							
								 
						
							
							
								da7785147d 
								
									
								
							
								 
							
						 
						
							
							
								
								Python 3: Convert some unicode/bytes uses ( #3569 )  
							
							
							
						 
						
							2018-08-02 00:54:06 +10:00  
				
					
						
							
							
								 
						
							
							
								0aba3d361a 
								
							
								 
							
						 
						
							
							
								
								count_monthly_users() async  
							
							
							
						 
						
							2018-08-01 11:47:58 +01:00  
				
					
						
							
							
								 
						
							
							
								df2235e7fa 
								
							
								 
							
						 
						
							
							
								
								coding style  
							
							
							
						 
						
							2018-07-31 13:16:20 +01:00  
				
					
						
							
							
								 
						
							
							
								251e6c1210 
								
							
								 
							
						 
						
							
							
								
								limit register and sign in on number of monthly users  
							
							
							
						 
						
							2018-07-30 15:55:57 +01:00  
				
					
						
							
							
								 
						
							
							
								49af402019 
								
							
								 
							
						 
						
							
							
								
								run isort  
							
							
							
						 
						
							2018-07-09 16:09:20 +10:00  
				
					
						
							
							
								 
						
							
							
								6350bf925e 
								
									
								
							
								 
							
						 
						
							
							
								
								Attempt to be more performant on PyPy ( #3462 )  
							
							
							
						 
						
							2018-06-28 14:49:57 +01:00  
				
					
						
							
							
								 
						
							
							
								77ac14b960 
								
									
								
							
								 
							
						 
						
							
							
								
								Pass around the reactor explicitly ( #3385 )  
							
							
							
						 
						
							2018-06-22 09:37:10 +01:00  
				
					
						
							
							
								 
						
							
							
								a61738b316 
								
									
								
							
								 
							
						 
						
							
							
								
								Remove run_on_reactor ( #3395 )  
							
							
							
						 
						
							2018-06-14 18:27:37 +10:00  
				
					
						
							
							
								 
						
							
							
								187a546bff 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #3276  from matrix-org/dbkr/unbind  
							
							... 
							
							
							
							Remove email addresses / phone numbers from ID servers when they're removed from synapse 
							
						 
						
							2018-06-11 16:02:00 +01:00  
				
					
						
							
							
								 
						
							
							
								e44150a6de 
								
							
								 
							
						 
						
							
							
								
								Missing yield  
							
							
							
						 
						
							2018-06-04 12:01:13 +01:00  
				
					
						
							
							
								 
						
							
							
								c936a52a9e 
								
									
								
							
								 
							
						 
						
							
							
								
								Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy ( #3307 )  
							
							
							
						 
						
							2018-05-31 19:03:47 +10:00  
				
					
						
							
							
								 
						
							
							
								9700d15611 
								
							
								 
							
						 
						
							
							
								
								pep8  
							
							
							
						 
						
							2018-05-24 11:23:15 +01:00  
				
					
						
							
							
								 
						
							
							
								b3bff53178 
								
							
								 
							
						 
						
							
							
								
								Unbind 3pids when they're deleted too  
							
							
							
						 
						
							2018-05-24 11:08:05 +01:00  
				
					
						
							
							
								 
						
							
							
								ed9b5eced4 
								
							
								 
							
						 
						
							
							
								
								use bcrypt.checkpw  
							
							... 
							
							
							
							in bcrypt 3.1.0 checkpw got introduced (already 2 years ago)
This makes use of that with enhancements which might get introduced
by that
Signed-Off-by: Matthias Kesler <krombel@krombel.de> 
							
						 
						
							2018-03-05 18:02:59 +01:00  
				
					
						
							
							
								 
						
							
							
								825a07a974 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2773  from matrix-org/erikj/hash_bg  
							
							... 
							
							
							
							Do bcrypt hashing in a background thread 
							
						 
						
							2018-01-10 18:11:41 +00:00  
				
					
						
							
							
								 
						
							
							
								f8e1ab5fee 
								
							
								 
							
						 
						
							
							
								
								Do bcrypt hashing in a background thread  
							
							
							
						 
						
							2018-01-10 18:01:28 +00:00  
				
					
						
							
							
								 
						
							
							
								da1010c83a 
								
							
								 
							
						 
						
							
							
								
								support custom login types for validating users  
							
							... 
							
							
							
							Wire the custom login type support from password providers into the UI-auth
user-validation flows. 
							
						 
						
							2017-12-05 09:43:30 +00:00  
				
					
						
							
							
								 
						
							
							
								d7ea8c4800 
								
							
								 
							
						 
						
							
							
								
								Factor out a validate_user_via_ui_auth method  
							
							... 
							
							
							
							Collect together all the places that validate a logged-in user via UI auth. 
							
						 
						
							2017-12-05 09:42:30 +00:00  
				
					
						
							
							
								 
						
							
							
								d5f9fb06b0 
								
							
								 
							
						 
						
							
							
								
								Refactor UI auth implementation  
							
							... 
							
							
							
							Instead of returning False when auth is incomplete, throw an exception which
can be caught with a wrapper. 
							
						 
						
							2017-12-05 09:40:05 +00:00  
				
					
						
							
							
								 
						
							
							
								ae31f8ce45 
								
							
								 
							
						 
						
							
							
								
								Move set_password into its own handler  
							
							... 
							
							
							
							Non-functional refactoring to move set_password. This means that we'll be able
to properly deactivate devices and access tokens without introducing a
dependency loop. 
							
						 
						
							2017-11-29 16:44:35 +00:00  
				
					
						
							
							
								 
						
							
							
								7ca5c68233 
								
							
								 
							
						 
						
							
							
								
								Move deactivate_account into its own handler  
							
							... 
							
							
							
							Non-functional refactoring to move deactivate_account. This means that we'll be
able to properly deactivate devices and access tokens without introducing a
dependency loop. 
							
						 
						
							2017-11-29 16:44:35 +00:00  
				
					
						
							
							
								 
						
							
							
								2c6d63922a 
								
							
								 
							
						 
						
							
							
								
								Remove pushers when deleting access tokens  
							
							... 
							
							
							
							Whenever an access token is invalidated, we should remove the associated
pushers. 
							
						 
						
							2017-11-29 16:44:35 +00:00  
				
					
						
							
							
								 
						
							
							
								624a8bbd67 
								
							
								 
							
						 
						
							
							
								
								Fix auth handler  #2678  
							
							
							
						 
						
							2017-11-16 17:19:02 +00:00  
				
					
						
							
							
								 
						
							
							
								1189be43a2 
								
							
								 
							
						 
						
							
							
								
								Factor _AccountHandler proxy out to ModuleApi  
							
							... 
							
							
							
							We're going to need to use this from places that aren't password auth, so let's
move it to a proper class. 
							
						 
						
							2017-11-02 14:36:11 +00:00  
				
					
						
							
							
								 
						
							
							
								b19d9e2174 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2624  from matrix-org/rav/password_provider_notify_logout  
							
							... 
							
							
							
							Notify auth providers on logout 
							
						 
						
							2017-11-02 10:55:17 +00:00  
				
					
						
							
							
								 
						
							
							
								1f080a6c97 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2623  from matrix-org/rav/callbacks_for_auth_providers  
							
							... 
							
							
							
							Allow password_auth_providers to return a callback 
							
						 
						
							2017-11-02 10:49:03 +00:00  
				
					
						
							
							
								 
						
							
							
								04897c9dc1 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2622  from matrix-org/rav/db_access_for_auth_providers  
							
							... 
							
							
							
							Let auth providers get to the database 
							
						 
						
							2017-11-02 10:41:25 +00:00  
				
					
						
							
							
								 
						
							
							
								979eed4362 
								
							
								 
							
						 
						
							
							
								
								Fix user-interactive password auth  
							
							... 
							
							
							
							this got broken in the previous commit 
							
						 
						
							2017-11-01 17:03:20 +00:00  
				
					
						
							
							
								 
						
							
							
								bc8a5c0330 
								
							
								 
							
						 
						
							
							
								
								Notify auth providers on logout  
							
							... 
							
							
							
							Provide a hook by which auth providers can be notified of logouts. 
							
						 
						
							2017-11-01 16:51:51 +00:00  
				
					
						
							
							
								 
						
							
							
								4c8f94ac94 
								
							
								 
							
						 
						
							
							
								
								Allow password_auth_providers to return a callback  
							
							... 
							
							
							
							... so that they have a way to record access tokens. 
							
						 
						
							2017-11-01 16:51:03 +00:00  
				
					
						
							
							
								 
						
							
							
								846a94fbc9 
								
									
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2620  from matrix-org/rav/auth_non_password  
							
							... 
							
							
							
							Let password auth providers handle arbitrary login types 
							
						 
						
							2017-11-01 16:45:33 +00:00  
				
					
						
							
							
								 
						
							
							
								3cd6b22c7b 
								
							
								 
							
						 
						
							
							
								
								Let password auth providers handle arbitrary login types  
							
							... 
							
							
							
							Provide a hook where password auth providers can say they know about other
login types, and get passed the relevant parameters 
							
						 
						
							2017-11-01 16:43:57 +00:00  
				
					
						
							
							
								 
						
							
							
								4f0488b307 
								
							
								 
							
						 
						
							
							
								
								Merge remote-tracking branch 'origin/develop' into rav/refactor_accesstoken_delete  
							
							
							
						 
						
							2017-11-01 16:20:19 +00:00  
				
					
						
							
							
								 
						
							
							
								dd13310fb8 
								
							
								 
							
						 
						
							
							
								
								Move access token deletion into auth handler  
							
							... 
							
							
							
							Also move duplicated deactivation code into the auth handler.
I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it. 
							
						 
						
							2017-11-01 15:46:22 +00:00  
				
					
						
							
							
								 
						
							
							
								74c56f794c 
								
							
								 
							
						 
						
							
							
								
								Break dependency of auth_handler on device_handler  
							
							... 
							
							
							
							I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.
It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up. 
							
						 
						
							2017-11-01 10:27:06 +00:00  
				
					
						
							
							
								 
						
							
							
								3e0aaad190 
								
							
								 
							
						 
						
							
							
								
								Let auth providers get to the database  
							
							... 
							
							
							
							Somewhat open to abuse, but also somewhat unavoidable :/ 
							
						 
						
							2017-10-31 17:22:29 +00:00  
				
					
						
							
							
								 
						
							
							
								1b65ae00ac 
								
							
								 
							
						 
						
							
							
								
								Refactor some logic from LoginRestServlet into AuthHandler  
							
							... 
							
							
							
							I'm going to need some more flexibility in handling login types in password
auth providers, so as a first step, move some stuff from LoginRestServlet into
AuthHandler.
In particular, we pass everything other than SAML, JWT and token logins down to
the AuthHandler, which now has responsibility for checking the login type and
fishing the password out of the login dictionary, as well as qualifying the
user_id if need be. Ideally SAML, JWT and token would go that way too, but
there's no real need for it right now and I'm trying to minimise impact.
This commit *should* be non-functional. 
							
						 
						
							2017-10-31 10:48:41 +00:00  
				
					
						
							
							
								 
						
							
							
								785bd7fd75 
								
							
								 
							
						 
						
							
							
								
								Allow ASes to deactivate their own users  
							
							
							
						 
						
							2017-10-27 00:01:00 +01:00  
				
					
						
							
							
								 
						
							
							
								631d7b87b5 
								
							
								 
							
						 
						
							
							
								
								Remove pointless create() method  
							
							... 
							
							
							
							It just calls the constructor, so we may as well kill it rather than having
random codepaths. 
							
						 
						
							2017-10-20 22:14:55 +01:00  
				
					
						
							
							
								 
						
							
							
								c72058bcc6 
								
							
								 
							
						 
						
							
							
								
								Use an ExpiringCache for storing registration sessions  
							
							... 
							
							
							
							This is because pruning them was a significant performance drain on
matrix.org 
							
						 
						
							2017-06-29 14:08:37 +01:00  
				
					
						
							
							
								 
						
							
							
								73a5f06652 
								
							
								 
							
						 
						
							
							
								
								Support registration / login with phone number  
							
							... 
							
							
							
							Changes from https://github.com/matrix-org/synapse/pull/1971  
							
						 
						
							2017-03-13 17:27:51 +00:00  
				
					
						
							
							
								 
						
							
							
								7eae6eaa2f 
								
							
								 
							
						 
						
							
							
								
								Revert "Support registration & login with phone number"  
							
							
							
						 
						
							2017-03-13 09:59:33 +00:00  
				
					
						
							
							
								 
						
							
							
								0e0aee25c4 
								
							
								 
							
						 
						
							
							
								
								Fix log line  
							
							
							
						 
						
							2017-03-08 11:46:22 +00:00