letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
NaN Commits 2 Branches 1 Tag
main
Commit Graph

106 Commits

Author SHA1 Message Date
Letro Bot
def6fa6539 Integrate postnumber resolver across MAS flows 2026-04-08 17:58:30 +03:30
Letro Bot
1bad9bdb7c rebranding html templates and styles 2026-04-03 17:30:09 +03:30
Quentin Gliech
8a39f4181f Fix the consent templates failing to render in tests 2025-12-03 10:27:18 +01:00
Quentin Gliech
8a615fd8ba Merge remote-tracking branch 'origin/main' into quenting/simpler-consent-screen 2025-12-02 19:42:57 +01:00
Quentin Gliech
ebc30f3776 Make the compat SSO login page use the same layout as other consent 
pages
 2025-12-02 18:13:02 +01:00
Quentin Gliech
5ed3c87818 Simplify the consent screens 2025-12-02 18:10:12 +01:00
Olivier 'reivilibre
eeb0692b8e Add experimental and preliminary policy-driven session limiting when logging in compatibility sessions. (#5287) 2025-12-02 15:50:04 +00:00
Olivier 'reivilibre
6c066ca972 Update templates/pages/compat_login_policy_violation.html 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-12-02 15:25:04 +00:00
Olivier 'reivilibre
5c7ff7b8dc We can't show a cancel button, so don't show one 2025-11-28 12:42:48 +00:00
Quentin Gliech
e90f11b8f8 Remove unused login_link.html template 2025-11-27 16:18:18 +01:00
Olivier 'reivilibre
31c3fe2b39 Add a 'compat login policy violation' page 2025-11-25 18:41:14 +00:00
Quentin Gliech
f0d779e9b1 Interactively guide users for selecting a valid username 2025-11-18 18:25:23 +01:00
Olivier 'reivilibre
81e2f9a628 Clarify some more conditions in the templates 2025-10-28 16:52:18 +00:00
Olivier 'reivilibre
1803f2b0ac For branding: use none instead of undefined 2025-10-28 15:51:34 +00:00
Olivier 'reivilibre
f8a1a362cb templates: fix reliance on lax undefined behaviour 2025-10-24 14:27:35 +01:00
Quentin Gliech
28e573b400 Add a configuration option to make email optional for password registration 2025-10-07 17:28:01 +02:00
Quentin Gliech
4d83fcb25e Merge remote-tracking branch 'origin/main' into quenting/stable-api 2025-08-04 16:38:49 +02:00
Olivier D
e5fe1bfc5c update license 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-07-21 09:52:24 +02:00
mcalinghee
1886e73e40 allow importing existing users when the localpart matches in upstream OAuth 2.0 logins 2025-07-21 09:52:24 +02:00
Quentin Gliech
430d3be87e Parse the stable scopes in the templates 2025-06-13 15:55:42 +02:00
Quentin Gliech
52b0a9b2ba Update license headers to match the actual license 2025-06-12 10:32:16 +02:00
Quentin Gliech
14b77c150a Registration token step view 2025-06-03 17:42:53 +02:00
Quentin Gliech
c230deaec0 templates: introduce a parse_user_agent filter and use it in the device consent page 2025-04-25 12:55:30 +02:00
mcalinghee
4269bc3ce3 correct format and translation 2025-04-10 17:57:58 +02:00
mcalinghee
2fe4752aa4 add login by email + feature flag 2025-04-10 17:57:58 +02:00
Quentin Gliech
a2b5a208b1 Better error pages when a user is deactivated or locked 2025-03-11 17:35:13 +01:00
Quentin Gliech
98f45666d7 Update the compound design tokens, replace the error icon with error-solid 2025-02-21 17:04:11 +01:00
Quentin Gliech
e47a364e6a Apply code style suggestion 
Co-authored-by: reivilibre <oliverw@element.io>
 2025-01-23 18:35:11 +01:00
Quentin Gliech
7f1b3866ba Disclose that email is already in use after verification 2025-01-23 18:18:19 +01:00
Quentin Gliech
3eed8d39fb Registration step to set a display name 2025-01-15 15:28:48 +01:00
Quentin Gliech
588c1bdcd4 Implement email verification in the registration flow 2025-01-15 15:28:48 +01:00
Quentin Gliech
d9a34327f9 Fix the post auth action being lost during the registration flow 2025-01-14 16:30:44 +01:00
Quentin Gliech
c2587e294c Move the registration-related views into a sub-module 2025-01-14 16:30:44 +01:00
Quentin Gliech
ce256684fe Remove the dedicated page to add an email address 2025-01-14 15:46:39 +01:00
Quentin Gliech
10bbcb0657 Username on the first registration page is optional 2025-01-07 11:49:01 +01:00
Quentin Gliech
3f842bc045 Split the base registration page with local password registration 2025-01-07 11:49:01 +01:00
Quentin Gliech
841c812ffd Tweak the login page to match the design 2025-01-07 11:49:01 +01:00
Quentin Gliech
2903ff5e7a Allow setting an explicit upstream account name (#3600) 2024-11-29 12:30:18 +01:00
Quentin Gliech
0d41cd8a0f Manual license edit of remaining files 2024-09-10 14:28:55 +02:00
reivilibre
ca05566e82 Add rate-limiting for account recovery and registration (#3093) 
* Add rate-limiting for account recovery and registration

* Rename login ratelimiter `per_address` to `per_ip` for consistency

Co-authored-by: Quentin Gliech <quenting@element.io>
 2024-08-07 17:57:36 +00:00
Quentin Gliech
af40a9f815 Separate error page when the recovery link was already used 2024-06-28 15:59:21 +02:00
Quentin Gliech
44ebc8e683 Show a proper 'link expired' page 2024-06-28 15:59:21 +02:00
Quentin Gliech
041c74e7b2 Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00
Quentin Gliech
8d4e6719b1 Implement the password change form 2024-06-28 15:59:21 +02:00
Quentin Gliech
ee22699e57 Recovery progress page 2024-06-28 15:59:21 +02:00
Quentin Gliech
50742b4d2b Start recovery view 2024-06-28 15:59:21 +02:00
reivilibre
45b1e77108 Remove the old password change page (#2874) 2024-06-27 13:41:24 +01:00
reivilibre
f7366feb1f Improve errors when MAS contacts the Synapse homeserver (#2794) 
* Add some drive-by docstrings

* Change text rendering of catch_http_codes::HttpError

Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.

Using `Display` formatting for that leads to a more natural error.

* Add constraints to `catch_http_code{,s}` methods

Not strictly required, but does two things:

- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
  rather than later on when you find the result doesn't implement Service

* Add a `catch_http_errors` shorthand

Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is

* Unexpected error page: remove leading whitespace from preformatted 'details' section

The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily

* Capture and log Matrix errors received from Synapse

* Drive-by clippy fix: use clamp instead of min().max()

* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
 2024-06-07 11:14:04 +00:00
Quentin Gliech
5273820077 Place the CAPTCHA error at the end of the form 2024-05-15 09:38:10 +02:00
Quentin Gliech
608daa9ac2 Cloudflare Turnstile support 2024-05-15 09:38:10 +02:00