letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
NaN Commits 2 Branches 1 Tag
ad8cc6be9e5404581f6a9f78bb72c45b0e9fe97c
Commit Graph

681 Commits

Author SHA1 Message Date
Quentin Gliech
ad8cc6be9e templates: add translations function 2023-10-05 19:29:23 +02:00
Quentin Gliech
a5033d9c69 templates: expose escape_html function to fix tests 2023-10-05 19:29:23 +02:00
Quentin Gliech
a7e703e56a i18n-scan: remove tera support & cleanup minijinja support 2023-10-05 19:29:23 +02:00
Quentin Gliech
8960d1702f templates: replace tera with minijinja 2023-10-05 19:29:23 +02:00
Quentin Gliech
a8101db19b i18n-scan: support for minijinja templates 2023-10-05 19:29:23 +02:00
Quentin Gliech
701a349b9e i18n-scan: utility to scan translatable strings in templates 2023-10-05 19:29:23 +02:00
Quentin Gliech
76f63838a3 i18n: translator structure, to hold translations 2023-10-05 19:29:23 +02:00
Quentin Gliech
95ba05aa25 i18n: sprintf.js port 2023-10-05 19:29:23 +02:00
dependabot[bot]
38a4de1ef0 build(deps): bump time from 0.3.28 to 0.3.29 
Bumps [time](https://github.com/time-rs/time) from 0.3.28 to 0.3.29.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.28...v0.3.29)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-26 14:48:05 +02:00
dependabot[bot]
f5dceef2e7 build(deps): bump async-graphql from 6.0.6 to 6.0.7 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 6.0.6 to 6.0.7.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-26 14:37:54 +02:00
dependabot[bot]
d9127efb56 build(deps): bump sea-query from 0.30.1 to 0.30.2 
Bumps [sea-query](https://github.com/SeaQL/sea-query) from 0.30.1 to 0.30.2.
- [Release notes](https://github.com/SeaQL/sea-query/releases)
- [Changelog](https://github.com/SeaQL/sea-query/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SeaQL/sea-query/compare/0.30.1...0.30.2)

---
updated-dependencies:
- dependency-name: sea-query
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-26 14:37:45 +02:00
dependabot[bot]
a3e9d089ee build(deps): bump aes-gcm from 0.10.2 to 0.10.3 
Bumps [aes-gcm](https://github.com/RustCrypto/AEADs) from 0.10.2 to 0.10.3.
- [Commits](https://github.com/RustCrypto/AEADs/compare/aes-gcm-v0.10.2...aes-gcm-v0.10.3)

---
updated-dependencies:
- dependency-name: aes-gcm
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-26 10:58:09 +02:00
dependabot[bot]
f6473083c2 build(deps): bump insta from 1.31.0 to 1.32.0 
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.31.0 to 1.32.0.
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/insta/compare/1.31.0...1.32.0)

---
updated-dependencies:
- dependency-name: insta
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 22:30:40 +02:00
Quentin Gliech
0ad1ab1bca Bump opa-wasm & remove unnecessary cargo deny exceptions 2023-09-22 22:30:20 +02:00
dependabot[bot]
c24c15ac29 build(deps): bump wasmtime from 12.0.2 to 13.0.0 
Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 12.0.2 to 13.0.0.
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-some-possible-changes.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/compare/v12.0.2...v13.0.0)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 22:30:20 +02:00
Quentin Gliech
baaa725fcd Infer client IP address from the peer address and the X-Forwarded-Proxy header 2023-09-20 20:24:30 +02:00
Quentin Gliech
0042129878 Save the session activity in the database 2023-09-19 21:57:54 +02:00
dependabot[bot]
82b233405a build(deps): bump clap from 4.4.3 to 4.4.4 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.3 to 4.4.4.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.3...v4.4.4)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-18 23:55:04 +02:00
dependabot[bot]
54eada9a30 build(deps): bump schemars from 0.8.13 to 0.8.15 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.13 to 0.8.15.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.13...v0.8.15)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-18 23:53:37 +02:00
dependabot[bot]
45c0fa5557 build(deps): bump axum-extra from 0.7.7 to 0.8.0 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.7.7 to 0.8.0.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.7.7...axum-extra-v0.8.0)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-18 23:52:53 +02:00
dependabot[bot]
9ad9a15b29 build(deps): bump indoc from 2.0.3 to 2.0.4 
Bumps [indoc](https://github.com/dtolnay/indoc) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/2.0.3...2.0.4)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-18 23:51:20 +02:00
Quentin Gliech
9548df563d Deny URIs from client that are public suffixes 2023-09-18 11:57:50 +02:00
dependabot[bot]
5ed07a7a61 build(deps): bump chrono from 0.4.30 to 0.4.31 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.30 to 0.4.31.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.30...v0.4.31)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-16 12:29:11 +02:00
dependabot[bot]
4cb314f06c build(deps): bump wasmtime from 12.0.1 to 12.0.2 
Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 12.0.1 to 12.0.2.
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-some-possible-changes.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/compare/v12.0.1...v12.0.2)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-16 12:05:41 +02:00
Quentin Gliech
921f491a00 Rust dependencies housekeeping 
Including:
 - package upgrades
 - stop using the patched version of `ulid`
 - update cargo deny duplicate exception list
 2023-09-14 23:43:00 +02:00
Quentin Gliech
7c62f7e049 Enable HTTP keepalive correctly 2023-09-14 17:03:17 +02:00
dependabot[bot]
dc514de831 build(deps): bump libc from 0.2.147 to 0.2.148 
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.147 to 0.2.148.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.147...0.2.148)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-14 14:38:17 +02:00
Hugh Nimmo-Smith
6729429630 v0.2.0 2023-09-13 18:35:04 +02:00
dependabot[bot]
f1fdf14342 build(deps): bump clap from 4.4.2 to 4.4.3 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.2...v4.4.3)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 18:28:48 +02:00
dependabot[bot]
2bffdb7ebd build(deps): bump chrono from 0.4.26 to 0.4.30 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.26 to 0.4.30.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.26...v0.4.30)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 18:28:41 +02:00
dependabot[bot]
dd8084cab8 build(deps): bump event-listener from 2.5.3 to 3.0.0 
Bumps [event-listener](https://github.com/smol-rs/event-listener) from 2.5.3 to 3.0.0.
- [Release notes](https://github.com/smol-rs/event-listener/releases)
- [Changelog](https://github.com/smol-rs/event-listener/blob/master/CHANGELOG.md)
- [Commits](https://github.com/smol-rs/event-listener/compare/v2.5.3...v3.0.0)

---
updated-dependencies:
- dependency-name: event-listener
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-12 15:31:20 +02:00
dependabot[bot]
34e95a793f build(deps): bump serde_json from 1.0.105 to 1.0.106 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.105 to 1.0.106.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.105...v1.0.106)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-12 15:30:46 +02:00
dependabot[bot]
daa4af3c4a build(deps): bump bytes from 1.4.0 to 1.5.0 
Bumps [bytes](https://github.com/tokio-rs/bytes) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/bytes/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: bytes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-08 13:44:34 +02:00
dependabot[bot]
6630fd9ca8 build(deps): bump async-graphql from 6.0.5 to 6.0.6 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 6.0.5 to 6.0.6.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-08 13:44:27 +02:00
dependabot[bot]
7a9ab5c743 build(deps): bump opa-wasm from 4997f99 to d07721d 
Bumps [opa-wasm](https://github.com/matrix-org/rust-opa-wasm) from `4997f99` to `d07721d`.
- [Commits](4997f99223...d07721d048)

---
updated-dependencies:
- dependency-name: opa-wasm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-08 13:44:22 +02:00
dependabot[bot]
1c12314855 build(deps): bump argon2 from 0.5.1 to 0.5.2 
Bumps [argon2](https://github.com/RustCrypto/password-hashes) from 0.5.1 to 0.5.2.
- [Commits](https://github.com/RustCrypto/password-hashes/compare/argon2-v0.5.1...argon2-v0.5.2)

---
updated-dependencies:
- dependency-name: argon2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 09:34:17 +02:00
dependabot[bot]
7d2d94a511 build(deps): bump tera from 1.19.0 to 1.19.1 
Bumps [tera](https://github.com/Keats/tera) from 1.19.0 to 1.19.1.
- [Changelog](https://github.com/Keats/tera/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Keats/tera/commits)

---
updated-dependencies:
- dependency-name: tera
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 09:34:09 +02:00
dependabot[bot]
7a7793ca5b build(deps): bump thiserror from 1.0.47 to 1.0.48 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.47 to 1.0.48.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.47...1.0.48)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-06 09:34:01 +02:00
dependabot[bot]
03dabb49f9 build(deps): bump async-graphql from 6.0.4 to 6.0.5 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 6.0.4 to 6.0.5.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 09:37:26 +02:00
dependabot[bot]
d94c501a4d build(deps): bump clap from 4.4.1 to 4.4.2 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.1...v4.4.2)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 09:25:21 +02:00
dependabot[bot]
f3e610acba build(deps): bump tower-http from 0.4.3 to 0.4.4 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.4.3...tower-http-0.4.4)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 09:17:59 +02:00
Quentin Gliech
86d40b0345 Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
3c33923d2c policies: split the email & password policies and add jsonschema validation of the input 2023-08-30 19:39:39 +02:00
dependabot[bot]
d06064219c build(deps): bump the opentelemetry group with 1 update 
Bumps the opentelemetry group with 1 update: [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry).

- [Release notes](https://github.com/tokio-rs/tracing-opentelemetry/releases)
- [Changelog](https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/tracing-opentelemetry/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 18:50:54 +02:00
dependabot[bot]
08b8401b99 build(deps): bump the sentry group with 1 update 
Bumps the sentry group with 1 update: [sentry](https://github.com/getsentry/sentry-rust).

- [Release notes](https://github.com/getsentry/sentry-rust/releases)
- [Changelog](https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-rust/compare/0.31.5...0.31.6)

---
updated-dependencies:
- dependency-name: sentry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:23:26 +02:00
dependabot[bot]
c1aea1197f build(deps): bump schemars from 0.8.12 to 0.8.13 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.12 to 0.8.13.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.12...v0.8.13)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:46 +02:00
dependabot[bot]
81fa7e0750 build(deps): bump rustls from 0.21.6 to 0.21.7 
Bumps [rustls](https://github.com/rustls/rustls) from 0.21.6 to 0.21.7.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Commits](https://github.com/rustls/rustls/compare/v/0.21.6...v/0.21.7)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:31 +02:00
dependabot[bot]
282847a119 build(deps): bump clap from 4.4.0 to 4.4.1 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.4.0...v4.4.1)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:10:05 +02:00
dependabot[bot]
793567b6a6 build(deps): bump url from 2.4.0 to 2.4.1 
Bumps [url](https://github.com/servo/rust-url) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-28 14:21:20 +02:00
dependabot[bot]
8b1f2b6780 build(deps): bump sea-query from 0.30.0 to 0.30.1 
Bumps [sea-query](https://github.com/SeaQL/sea-query) from 0.30.0 to 0.30.1.
- [Release notes](https://github.com/SeaQL/sea-query/releases)
- [Changelog](https://github.com/SeaQL/sea-query/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SeaQL/sea-query/compare/0.30.0...0.30.1)

---
updated-dependencies:
- dependency-name: sea-query
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 19:12:56 +02:00