Richard van der Hoff
6fe6a6f029
Fix login with m.login.token
...
login with token (as used by CAS auth) was broken by 067596d
, such that it
always returned a 401.
2016-08-08 16:40:39 +01:00
Mark Haines
c63b1697f4
Merge pull request #952 from matrix-org/markjh/more_fixes
...
Check if the user is banned when handling 3pid invites
2016-07-26 19:20:56 +01:00
Richard van der Hoff
eb359eced4
Add `create_requester` function
...
Wrap the `Requester` constructor with a function which provides sensible
defaults, and use it throughout
2016-07-26 16:46:53 +01:00
Mark Haines
c824b29e77
Check if the user is banned when handling 3pid invites
2016-07-26 16:39:14 +01:00
Richard van der Hoff
ec041b335e
Record device_id in client_ips
...
Record the device_id when we add a client ip; it's somewhat redundant as we
could get it via the access_token, but it will make querying rather easier.
2016-07-20 16:41:03 +01:00
Richard van der Hoff
053e83dafb
More doc-comments
...
Fix some more comments on some things
2016-07-20 16:40:28 +01:00
Erik Johnston
1e2a7f18a1
Merge pull request #922 from matrix-org/erikj/file_api2
...
Feature: Add filter to /messages. Add 'contains_url' to filter.
2016-07-20 10:40:48 +01:00
Mark Haines
d137e03231
Fix 500 ISE when sending alias event without a state_key
2016-07-15 18:58:25 +01:00
Erik Johnston
bd7c51921d
Merge pull request #919 from matrix-org/erikj/auth_fix
...
Various auth.py fixes.
2016-07-15 11:38:33 +01:00
Erik Johnston
ebdafd8114
Check sender signed event
2016-07-14 17:03:24 +01:00
Erik Johnston
209e04fa11
Merge pull request #918 from negzi/bugfix_for_token_expiry
...
Bug fix: expire invalid access tokens
2016-07-14 15:51:52 +01:00
Erik Johnston
e5142f65a6
Add 'contains_url' to filter
2016-07-14 15:35:48 +01:00
Negar Fazeli
0136a522b1
Bug fix: expire invalid access tokens
2016-07-13 15:00:37 +02:00
Erik Johnston
2cb758ac75
Check if alias event's state_key matches sender's domain
2016-07-13 13:12:25 +01:00
Erik Johnston
560c71c735
Check creation event's room_id domain matches sender's
2016-07-13 13:07:19 +01:00
David Baker
385aec4010
Implement https://github.com/matrix-org/matrix-doc/pull/346/files
2016-07-08 17:42:48 +01:00
Erik Johnston
58930da52b
Merge branch 'master' of github.com:matrix-org/synapse into develop
2016-07-08 14:11:37 +01:00
Erik Johnston
067596d341
Fix bug where we did not correctly explode when multiple user_ids were set in macaroon
2016-07-07 16:22:24 +01:00
David Baker
be8be535f7
requestToken update
...
Don't send requestToken request to untrusted ID servers
Also correct the THREEPID_IN_USE error to add the M_ prefix. This is a backwards incomaptible change, but the only thing using this is the angular client which is now unmaintained, so it's probably better to just do this now.
2016-06-30 17:51:28 +01:00
David Baker
1f31cc37f8
Working unsubscribe links going straight to the HS
...
and authed by macaroons that let you delete pushers and nothing else
2016-06-02 17:21:31 +01:00
David Baker
812b5de0fe
Merge remote-tracking branch 'origin/develop' into dbkr/email_unsubscribe
2016-06-02 15:33:28 +01:00
Matthew Hodgson
aaa70e26a2
special case m.room.third_party_invite event auth to match invites, otherwise they get out of sync and you get https://github.com/vector-im/vector-web/issues/1208
2016-06-01 22:13:47 +01:00
David Baker
991af8b0d6
WIP on unsubscribing email notifs without logging in
2016-06-01 17:40:52 +01:00
Mark Haines
1a3a2002ff
Spell "domain" correctly
...
s/domian/domain/g
2016-05-16 19:17:23 +01:00
Negi Fazeli
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
Erik Johnston
c9eb6dfc1b
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/ignore_user
2016-05-09 13:21:06 +01:00
Erik Johnston
08dfa8eee2
Add and use get_domian_from_id
2016-05-09 10:36:03 +01:00
Erik Johnston
a438a6d2bc
Implement basic ignore user
2016-05-04 10:16:46 +01:00
Erik Johnston
0f2ca8cde1
Measure Auth.check
2016-04-13 11:15:59 +01:00
Erik Johnston
c53f9d561e
Don't auto log failed auth checks
2016-04-13 11:11:46 +01:00
Erik Johnston
3e7fac0d56
Add published room list edit API
2016-03-21 15:06:07 +00:00
David Baker
874fd43257
Send the user ID matching the guest access token, since there is no Matrix API to discover what user ID an access token is for.
2016-03-07 17:13:56 +00:00
Daniel Wagner-Hall
577951b032
Allow third_party_signed to be specified on /join
2016-02-23 15:11:25 +00:00
Erik Johnston
e5ad2e5267
Merge pull request #582 from matrix-org/erikj/presence
...
Rewrite presence for performance.
2016-02-19 09:37:50 +00:00
Erik Johnston
114b929f8b
Check presence state is a valid one
2016-02-18 09:16:32 +00:00
Patrik Oldsberg
536f949a1a
api/filtering: don't assume that event content will always be a dict
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-02-17 12:59:41 +01:00
Daniel Wagner-Hall
4de08a4672
Revert "Merge two of the room join codepaths"
...
This reverts commit cf81375b94
.
It subtly violates a guest joining auth check
2016-02-12 16:17:24 +00:00
Daniel Wagner-Hall
cf81375b94
Merge two of the room join codepaths
...
There's at least one more to merge in.
Side-effects:
* Stop reporting None as displayname and avatar_url in some cases
* Joining a room by alias populates guest-ness in join event
* Remove unspec'd PUT version of /join/<room_id_or_alias> which has not
been called on matrix.org according to logs
* Stop recording access_token_id on /join/room_id - currently we don't
record it on /join/room_alias; I can try to thread it through at some
point.
2016-02-12 15:11:49 +00:00
Erik Johnston
2c1fbea531
Fix up logcontexts
2016-02-08 14:26:45 +00:00
Daniel Wagner-Hall
737c4223ef
Host /media/r0 as well as /media/v1
2016-02-05 10:47:46 +00:00
Daniel Wagner-Hall
2df6114bc4
Log more diagnostics for unrecognised access tokens
2016-02-02 19:21:49 +00:00
Daniel Wagner-Hall
d83d004ccd
Fix flake8 warnings for new flake8
2016-02-02 17:18:50 +00:00
Erik Johnston
35981c8b71
Fix test
2016-01-28 17:20:05 +00:00
Erik Johnston
8c6012a4af
Fix tests
2016-01-25 13:12:35 +00:00
Erik Johnston
4021f95261
Move logic from rest/ to handlers/
2016-01-25 10:10:44 +00:00
Erik Johnston
975903ae17
Sanitize filters
2016-01-22 10:41:30 +00:00
Daniel Wagner-Hall
808a8aedab
Don't error on AS non-ghost user use
...
This will probably go away either when we fix our existing ASes, or when
we kill the concept of non-ghost users.
2016-01-18 16:33:05 +00:00
Daniel Wagner-Hall
74474a6d63
Pull out app service user lookup
...
I find this a lot simpler than nested try-catches and stuff
2016-01-18 16:32:33 +00:00
Daniel Wagner-Hall
ac5a4477ad
Require unbanning before other membership changes
2016-01-15 16:27:26 +00:00
David Baker
5819b7a78c
M_INVALID_USERNAME to be consistent with the parameter name
2016-01-15 10:06:34 +00:00