letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
480 Commits 2 Branches 1 Tag
bca382ffdf0aec66af8a1585015f6fce8167f237
Commit Graph

480 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech
bca382ffdf Have a better error on registration if the username is already taken 2022-05-23 14:36:38 +02:00
dependabot[bot]
d5d9e73100 Bump once_cell from 1.10.0 to 1.11.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 10:42:52 +02:00
Quentin Gliech
8c1762bc20 Advertise m.login.token as compat login method 2022-05-23 10:42:25 +02:00
Quentin Gliech
15913d46c5 Make the sign out buttons keep the current action context 2022-05-23 10:42:25 +02:00
Quentin Gliech
10e85306b7 Check timings when validating an SSO login 
- exchanging a token twice should not work
 - exchanging a token more than 30s after its fullfillment should not
   work
 - exchanging a pending token should not work
 - fullfilling a login more than 30min after its creation should not
   work
 - also have better errors in some cases
 2022-05-23 10:42:25 +02:00
Quentin Gliech
3ac7633140 Perform some checks on the redirectUrl 2022-05-23 10:42:25 +02:00
Quentin Gliech
eb08e3f1b6 Have a consent screen before continuing the SSO login 2022-05-23 10:42:25 +02:00
Quentin Gliech
9a989edd79 Legacy login via m.login.sso 2022-05-23 10:42:25 +02:00
Quentin Gliech
27724591f4 Upgrade AWS crates 2022-05-19 10:23:40 +02:00
dependabot[bot]
8b8ba082d7 Bump axum-extra from 0.3.2 to 0.3.3 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.2...axum-extra-v0.3.3)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 10:22:57 +02:00
Quentin Gliech
3b2eca9e39 Handle legacy /refresh 2022-05-19 10:17:49 +02:00
Quentin Gliech
e7e8212ffc Handle legacy token expiration & refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
ac95e35a7a Better data-model for compat sessions & devices 2022-05-19 10:17:49 +02:00
Quentin Gliech
8cbaee399a Prepare the storage layer for legacy refresh tkoens 2022-05-19 10:17:49 +02:00
Quentin Gliech
ee89ed8de2 Split compat and api routers 2022-05-19 10:17:49 +02:00
Quentin Gliech
85b05f5ede Appease cargo fmt 2022-05-19 10:17:49 +02:00
Quentin Gliech
fb051eb2f4 Handle legacy /logout 2022-05-19 10:17:49 +02:00
Quentin Gliech
a4ee085664 Working legacy login endpoint 2022-05-19 10:17:49 +02:00
Quentin Gliech
f27954375a WIP: Handle /login 2022-05-19 10:17:49 +02:00
dependabot[bot]
3214c673ae Bump postcss from 8.4.13 to 8.4.14 in /crates/static-files 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.13 to 8.4.14.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.13...8.4.14)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:42:53 +02:00
dependabot[bot]
91add3d133 Bump @tailwindcss/forms from 0.5.1 to 0.5.2 in /crates/static-files 
Bumps [@tailwindcss/forms](https://github.com/tailwindlabs/tailwindcss-forms) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/tailwindlabs/tailwindcss-forms/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss-forms/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss-forms/compare/v0.5.1...v0.5.2)

---
updated-dependencies:
- dependency-name: "@tailwindcss/forms"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:53 +02:00
dependabot[bot]
a553f72d19 Bump rustls from 0.20.5 to 0.20.6 
Bumps [rustls](https://github.com/rustls/rustls) from 0.20.5 to 0.20.6.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.20.5...v/0.20.6)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:46 +02:00
dependabot[bot]
7b91a88a0b Bump axum-macros from 0.2.1 to 0.2.2 
Bumps [axum-macros](https://github.com/tokio-rs/axum) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-macros-v0.2.1...axum-macros-v0.2.2)

---
updated-dependencies:
- dependency-name: axum-macros
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:17 +02:00
dependabot[bot]
347eed27da Bump rustls from 0.20.4 to 0.20.5 
Bumps [rustls](https://github.com/rustls/rustls) from 0.20.4 to 0.20.5.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.20.4...v/0.20.5)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:47:05 +02:00
dependabot[bot]
5af84d7c6d Bump schemars from 0.8.9 to 0.8.10 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.9 to 0.8.10.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.9...v0.8.10)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:46:58 +02:00
dependabot[bot]
0127d18d7a Bump cssnano from 5.1.7 to 5.1.8 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.7 to 5.1.8.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.7...cssnano@5.1.8)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:46:22 +02:00
dependabot[bot]
1f9439e264 Bump schemars from 0.8.8 to 0.8.9 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.8 to 0.8.9.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.8...v0.8.9)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:45:04 +02:00
dependabot[bot]
b6cfd41949 Bump axum from 0.5.5 to 0.5.6 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.5...axum-v0.5.6)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:42:34 +02:00
dependabot[bot]
e1a8cbee41 Bump axum-extra from 0.3.1 to 0.3.2 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.1...axum-extra-v0.3.2)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:05:26 +02:00
Quentin Gliech
7919502397 Add password change discovery 
See https://web.dev/change-password-url/
 2022-05-12 15:06:37 +02:00
Quentin Gliech
c13f383252 Add autocomplete attributes to form fields 2022-05-12 14:59:53 +02:00
Quentin Gliech
92d3c00db0 Form error state overhaul 
This adds a new FormState structure here to hold the state of an errored
from, including retaining field value and better error codes.

It also adds error recovery for the registration form, and properly
loads the post_login_action context in case of errors.
 2022-05-12 13:35:58 +02:00
dependabot[bot]
50e48cbaf9 Bump clap from 3.1.17 to 3.1.18 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.17 to 3.1.18.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.17...v3.1.18)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 22:28:01 +02:00
dependabot[bot]
1bc499d32f Bump axum-extra from 0.3.0 to 0.3.1 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.0...axum-extra-v0.3.1)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 10:51:02 +02:00
dependabot[bot]
61709e5b7a Bump axum from 0.5.4 to 0.5.5 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.4...axum-v0.5.5)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 10:13:20 +02:00
dependabot[bot]
a00dc4b186 Bump axum-macros from 0.2.0 to 0.2.1 
Bumps [axum-macros](https://github.com/tokio-rs/axum) from 0.2.0 to 0.2.1.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-macros-v0.2.0...axum-macros-v0.2.1)

---
updated-dependencies:
- dependency-name: axum-macros
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 09:38:31 +02:00
Quentin Gliech
045b4dcc16 Simplify error handling in user-facing routes 2022-05-10 17:47:38 +02:00
Jonas Platte
2b871ba361 Use platform-native fs path building 2022-05-10 11:35:18 +02:00
Jonas Platte
6defdb2d15 Remove code duplication across branches 2022-05-10 11:01:24 +02:00
Jonas Platte
6b37ae4011 Remove implied StatusCode::OK 2022-05-10 11:01:24 +02:00
Quentin Gliech
7217396f1e Bump RustCrypto crates 
Temporarily use a fork for RSA which has pkcs* bumped
 2022-05-10 10:37:44 +02:00
Quentin Gliech
5b866ab87e Have a unified URL builder/router 2022-05-10 09:52:48 +02:00
dependabot[bot]
25d464295c Bump tokio from 1.18.1 to 1.18.2 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.18.1 to 1.18.2.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.18.1...tokio-1.18.2)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-09 22:10:17 +02:00
dependabot[bot]
c2f1ceb84c Bump tower-http from 0.3.2 to 0.3.3 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.3.2...tower-http-0.3.3)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-09 22:08:58 +02:00
dependabot[bot]
1a49ecf0b7 Bump indoc from 1.0.5 to 1.0.6 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.5 to 1.0.6.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.5...1.0.6)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-09 22:05:16 +02:00
Hugh Nimmo-Smith
ab2f21ad9b Button styling 2022-05-09 17:22:32 +02:00
Hugh Nimmo-Smith
02e6c34916 add outline_error_class type 2022-05-09 17:22:32 +02:00
Hugh Nimmo-Smith
c18efe8e53 s/ghost/outline/g 2022-05-09 17:22:32 +02:00
Hugh Nimmo-Smith
cc67eaa973 Another Logged in => Signed in 2022-05-09 17:22:32 +02:00
Hugh Nimmo-Smith
ab83b2f0d4 Make error button be outlined 2022-05-09 17:22:32 +02:00