letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
4,534 Commits 2 Branches 1 Tag
de4e5bee959cce2733de7d87754527eec58cc8cd
Commit Graph

4534 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech
de4e5bee95 build(deps): bump psl from 2.1.99 to 2.1.100 (#4401) 2025-04-14 17:50:15 +02:00
Quentin Gliech
0250f82af6 Allow database tests to run in parallel again (#4405) 2025-04-14 17:46:44 +02:00
dependabot[bot]
0b43c935a3 build(deps): bump psl from 2.1.99 to 2.1.100 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.99 to 2.1.100.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.99...v2.1.100)

---
updated-dependencies:
- dependency-name: psl
  dependency-version: 2.1.100
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 15:43:33 +00:00
Quentin Gliech
7b4b5286e0 build(deps-dev): bump @types/node from 22.14.0 to 22.14.1 in /tools/syn2mas in the development group (#4395) 2025-04-14 17:42:48 +02:00
matrixbot
fb1fb805d1 Translations updates for main (#4406) 2025-04-14 17:39:55 +02:00
github-actions[bot]
656ce8cf28 Translations updates 2025-04-14 15:32:48 +00:00
Quentin Gliech
ff89559a63 Allow database tests to run in parallel again 2025-04-14 17:31:33 +02:00
Quentin Gliech
f67f31afb3 build(deps): bump anyhow from 1.0.97 to 1.0.98 (#4402) 2025-04-14 17:30:23 +02:00
Quentin Gliech
2ef6877c9a build(deps): bump clap from 4.5.35 to 4.5.36 (#4403) 2025-04-14 17:06:14 +02:00
Quentin Gliech
df98ea9e0f build(deps): bump sqlx from 0.8.3 to 0.8.4 (#4404) 2025-04-14 17:06:01 +02:00
Quentin Gliech
4fa3ee64db build(deps): bump the tanstack-router group in /frontend with 3 updates (#4396) 2025-04-14 16:13:43 +02:00
dependabot[bot]
b869e94cb2 build(deps): bump sqlx from 0.8.3 to 0.8.4 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.8.3 to 0.8.4.
- [Changelog](https://github.com/launchbadge/sqlx/blob/main/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/commits)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-version: 0.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 14:13:02 +00:00
dependabot[bot]
1479e5bd11 build(deps): bump clap from 4.5.35 to 4.5.36 
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.35 to 4.5.36.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.35...clap_complete-v4.5.36)

---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.5.36
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 14:12:42 +00:00
dependabot[bot]
138822f8a9 build(deps): bump anyhow from 1.0.97 to 1.0.98 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.97 to 1.0.98.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.97...1.0.98)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.98
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 14:12:17 +00:00
dependabot[bot]
21f83e3e49 build(deps): bump the tanstack-router group in /frontend with 3 updates 
Bumps the tanstack-router group in /frontend with 3 updates: [@tanstack/react-router](https://github.com/TanStack/router/tree/HEAD/packages/react-router), [@tanstack/react-router-devtools](https://github.com/TanStack/router/tree/HEAD/packages/react-router-devtools) and [@tanstack/router-plugin](https://github.com/TanStack/router/tree/HEAD/packages/router-plugin).


Updates `@tanstack/react-router` from 1.115.2 to 1.116.0
- [Release notes](https://github.com/TanStack/router/releases)
- [Commits](https://github.com/TanStack/router/commits/v1.116.0/packages/react-router)

Updates `@tanstack/react-router-devtools` from 1.115.2 to 1.116.0
- [Release notes](https://github.com/TanStack/router/releases)
- [Commits](https://github.com/TanStack/router/commits/v1.116.0/packages/react-router-devtools)

Updates `@tanstack/router-plugin` from 1.115.2 to 1.116.1
- [Release notes](https://github.com/TanStack/router/releases)
- [Commits](https://github.com/TanStack/router/commits/v1.116.1/packages/router-plugin)

---
updated-dependencies:
- dependency-name: "@tanstack/react-router"
  dependency-version: 1.116.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tanstack-router
- dependency-name: "@tanstack/react-router-devtools"
  dependency-version: 1.116.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-router
- dependency-name: "@tanstack/router-plugin"
  dependency-version: 1.116.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-router
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 14:07:17 +00:00
Quentin Gliech
e1d45770ea build(deps): bump the tanstack-query group in /frontend with 2 updates (#4397) 2025-04-14 16:05:39 +02:00
Quentin Gliech
980e526b16 build(deps-dev): bump the types group in /frontend with 2 updates (#4398) 2025-04-14 16:05:27 +02:00
Quentin Gliech
b0adc9d9fe build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (#4400) 2025-04-14 16:05:19 +02:00
Quentin Gliech
133a773b2c Create missing indexes for all the foreign keys in the database. (#4385) 2025-04-14 16:03:28 +02:00
Quentin Gliech
9e3055e96e Clear the session cookie on logout from the GraphQL API (#4328) 2025-04-14 15:52:18 +02:00
Quentin Gliech
c4f4f09336 Lookup usernames case insensitively (#4378) 2025-04-14 15:51:59 +02:00
Quentin Gliech
a47dba1b1d Always ask for consent, never for reauth (#4386) 2025-04-14 15:51:48 +02:00
dependabot[bot]
b8e39a9b2f build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:25:29 +00:00
dependabot[bot]
71440dd1c4 build(deps-dev): bump the types group in /frontend with 2 updates 
Bumps the types group in /frontend with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react).


Updates `@types/node` from 22.14.0 to 22.14.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.1.0 to 19.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.14.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
- dependency-name: "@types/react"
  dependency-version: 19.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:17:25 +00:00
dependabot[bot]
2e3eba18b6 build(deps): bump the tanstack-query group in /frontend with 2 updates 
Bumps the tanstack-query group in /frontend with 2 updates: [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) and [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools).


Updates `@tanstack/react-query` from 5.72.2 to 5.74.3
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.74.3/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.72.2 to 5.74.3
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.74.3/packages/react-query-devtools)

---
updated-dependencies:
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.74.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.74.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:17:05 +00:00
dependabot[bot]
9cce8389b0 build(deps-dev): bump @types/node 
Bumps the development group in /tools/syn2mas with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 22.14.0 to 22.14.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 22.14.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:13:27 +00:00
Quentin Gliech
32f19afec6 Document how to migrate passwords from Synapse with a pepper set (#4353) 2025-04-11 16:40:14 +02:00
Quentin Gliech
b802f8f173 Minor rewording 2025-04-11 16:33:14 +02:00
Quentin Gliech
0fe9f69df2 build(deps-dev): bump @types/react-dom from 19.1.1 to 19.1.2 in /frontend in the types group (#4380) 2025-04-11 16:30:28 +02:00
Quentin Gliech
5bb726be68 build(deps-dev): bump knip from 5.48.0 to 5.50.2 in /frontend (#4390) 2025-04-11 16:30:09 +02:00
Quentin Gliech
cc68d4c018 build(deps-dev): bump vite from 6.2.5 to 6.2.6 in /frontend in the vite group (#4379) 2025-04-11 16:27:36 +02:00
Quentin Gliech
1fd5521e59 build(deps): bump opentelemetry-prometheus from 0.29.0 to 0.29.1 in the opentelemetry group (#4388) 2025-04-11 16:26:58 +02:00
Quentin Gliech
6e9fbfae53 build(deps): bump vergen-gitcl from 1.0.7 to 1.0.8 (#4389) 2025-04-11 16:26:30 +02:00
dependabot[bot]
8aaab1949b build(deps-dev): bump vite in /frontend in the vite group 
Bumps the vite group in /frontend with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 6.2.5 to 6.2.6
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v6.2.6/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.2.6/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 14:00:59 +00:00
Quentin Gliech
51c1f0e258 build(deps): bump the tanstack-query group in /frontend with 2 updates (#4359) 2025-04-11 15:59:29 +02:00
dependabot[bot]
f00a593d7f build(deps-dev): bump knip from 5.48.0 to 5.50.2 in /frontend 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.48.0 to 5.50.2.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Changelog](https://github.com/webpro-nl/knip/blob/main/packages/knip/.release-it.json)
- [Commits](https://github.com/webpro-nl/knip/commits/5.50.2/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 5.50.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:52:34 +00:00
dependabot[bot]
13ec8043f2 build(deps): bump the tanstack-query group in /frontend with 2 updates 
Bumps the tanstack-query group in /frontend with 2 updates: [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) and [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools).


Updates `@tanstack/react-query` from 5.71.10 to 5.72.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.72.0/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.71.10 to 5.72.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Commits](https://github.com/TanStack/query/commits/v5.72.0/packages/react-query-devtools)

---
updated-dependencies:
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.72.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.72.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: tanstack-query
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:52:05 +00:00
dependabot[bot]
9cbab4b519 build(deps-dev): bump @types/react-dom in /frontend in the types group 
Bumps the types group in /frontend with 1 update: [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom).


Updates `@types/react-dom` from 19.1.1 to 19.1.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

---
updated-dependencies:
- dependency-name: "@types/react-dom"
  dependency-version: 19.1.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:51:54 +00:00
Quentin Gliech
1e70c43cbd Upgrade the Prometheus crate to 0.14.0 2025-04-11 15:40:00 +02:00
Quentin Gliech
3eb9822791 Handle the case where there are multiple users with the same username, but with a different casing. 2025-04-11 15:38:28 +02:00
dependabot[bot]
60a42f359d build(deps): bump vergen-gitcl from 1.0.7 to 1.0.8 
Bumps [vergen-gitcl](https://github.com/rustyhorde/vergen) from 1.0.7 to 1.0.8.
- [Release notes](https://github.com/rustyhorde/vergen/releases)
- [Commits](https://github.com/rustyhorde/vergen/compare/vergen_git2_1.0.7...vergen_gix_1.0.8)

---
updated-dependencies:
- dependency-name: vergen-gitcl
  dependency-version: 1.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:26:03 +00:00
dependabot[bot]
306ffe1d6a build(deps): bump opentelemetry-prometheus in the opentelemetry group 
Bumps the opentelemetry group with 1 update: [opentelemetry-prometheus](https://github.com/open-telemetry/opentelemetry-rust).


Updates `opentelemetry-prometheus` from 0.29.0 to 0.29.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-prometheus-0.29.0...opentelemetry-prometheus-0.29.1)

---
updated-dependencies:
- dependency-name: opentelemetry-prometheus
  dependency-version: 0.29.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 13:24:43 +00:00
Quentin Gliech
e0dacf0761 Remove the complete handler, make it go through the consent page 2025-04-11 15:04:34 +02:00
Quentin Gliech
59e5068855 Remove the reauth view 2025-04-11 13:35:59 +02:00
Samuel Lorch
4b073ea079 Document password scheme secret field for migrations 
Signed-off-by: Samuel Lorch sam@soontm.de
 2025-04-11 11:45:28 +02:00
Quentin Gliech
6893edc181 Allow logging in using an email address (#4337) 2025-04-10 20:01:56 +02:00
Quentin Gliech
73a4007c18 Always ask for consent, never for reauth 
Now that we have deduplicated clients, we're in this weird situation
where authorization grants just… go through.

This is because 4 years ago, I designed it to support prompt=consent and
prompt=none, but that never ended up being used/mentioned in the MSCs.

We also had support for max_age, but that required reauthing, which
doesn't work well with upstream providers.

So this removes support for prompt=consent|none and max_age, and makes
sure we always go through the consent page.

Lots of code deleted, yay!
 2025-04-10 19:57:45 +02:00
mcalinghee
b8eacd9f68 Update translations/en.json 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-04-10 19:41:17 +02:00
Quentin Gliech
b80a52e390 Also lowercase the username when checking if it exists. 2025-04-10 18:45:13 +02:00
Quentin Gliech
7f0dcaa73f Lookup usernames case insensitively 2025-04-10 18:36:43 +02:00