letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
NaN Commits 2 Branches 1 Tag
f8a1a362cb84e133147b24706eaec15186df4deb
Commit Graph

123 Commits

Author SHA1 Message Date
Olivier 'reivilibre
f8a1a362cb templates: fix reliance on lax undefined behaviour 2025-10-24 14:27:35 +01:00
Quentin Gliech
7a9d5b0c29 Highlight dangerous scopes when consenting to them 2025-10-22 11:29:52 +02:00
Quentin Gliech
28e573b400 Add a configuration option to make email optional for password registration 2025-10-07 17:28:01 +02:00
Quentin Gliech
4d83fcb25e Merge remote-tracking branch 'origin/main' into quenting/stable-api 2025-08-04 16:38:49 +02:00
Olivier D
e5fe1bfc5c update license 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-07-21 09:52:24 +02:00
mcalinghee
1886e73e40 allow importing existing users when the localpart matches in upstream OAuth 2.0 logins 2025-07-21 09:52:24 +02:00
Quentin Gliech
0371fe72da Upgrade @vector-im/compound-web as well 2025-07-10 15:20:52 +02:00
Quentin Gliech
430d3be87e Parse the stable scopes in the templates 2025-06-13 15:55:42 +02:00
Quentin Gliech
52b0a9b2ba Update license headers to match the actual license 2025-06-12 10:32:16 +02:00
Quentin Gliech
14b77c150a Registration token step view 2025-06-03 17:42:53 +02:00
Quentin Gliech
a10e517d4e Generate a device name based on the client name and user agent 2025-04-25 16:55:29 +02:00
Quentin Gliech
c230deaec0 templates: introduce a parse_user_agent filter and use it in the device consent page 2025-04-25 12:55:30 +02:00
mcalinghee
4269bc3ce3 correct format and translation 2025-04-10 17:57:58 +02:00
mcalinghee
2fe4752aa4 add login by email + feature flag 2025-04-10 17:57:58 +02:00
Quentin Gliech
b3572801df Fallback link in password recovery emails 2025-04-10 11:35:32 +02:00
hummingbard
e4f83892b9 Added upstream sample config for Discord, brand logo in templates 2025-03-30 15:53:56 +06:00
Quentin Gliech
a2b5a208b1 Better error pages when a user is deactivated or locked 2025-03-11 17:35:13 +01:00
Quentin Gliech
f66e82adc5 Show proper error messages when registering with a banned/not-allowed username 2025-03-03 10:45:30 +01:00
Quentin Gliech
98f45666d7 Update the compound design tokens, replace the error icon with error-solid 2025-02-21 17:04:11 +01:00
Quentin Gliech
a4bece6a77 Add translatable errors for the email policy constraints 2025-02-17 15:53:57 +01:00
Quentin Gliech
08a8774133 Fix the rendering of the embedded API doc 2025-02-12 18:19:25 +01:00
Quentin Gliech
e47a364e6a Apply code style suggestion 
Co-authored-by: reivilibre <oliverw@element.io>
 2025-01-23 18:35:11 +01:00
Quentin Gliech
7f1b3866ba Disclose that email is already in use after verification 2025-01-23 18:18:19 +01:00
Quentin Gliech
3eed8d39fb Registration step to set a display name 2025-01-15 15:28:48 +01:00
Quentin Gliech
588c1bdcd4 Implement email verification in the registration flow 2025-01-15 15:28:48 +01:00
Quentin Gliech
90fb2f0369 Make the password registration create a user_registration 2025-01-14 16:30:44 +01:00
Quentin Gliech
d9a34327f9 Fix the post auth action being lost during the registration flow 2025-01-14 16:30:44 +01:00
Quentin Gliech
c2587e294c Move the registration-related views into a sub-module 2025-01-14 16:30:44 +01:00
Quentin Gliech
5aa5c9cb03 Job to send the new email authentication codes 2025-01-14 15:47:17 +01:00
Quentin Gliech
ce256684fe Remove the dedicated page to add an email address 2025-01-14 15:46:39 +01:00
Quentin Gliech
10bbcb0657 Username on the first registration page is optional 2025-01-07 11:49:01 +01:00
Quentin Gliech
3f842bc045 Split the base registration page with local password registration 2025-01-07 11:49:01 +01:00
Quentin Gliech
05e7220e02 Update the IDP brand icons from Figma 2025-01-07 11:49:01 +01:00
Quentin Gliech
841c812ffd Tweak the login page to match the design 2025-01-07 11:49:01 +01:00
Quentin Gliech
a51ab2fb5c Propagate more specific error messages from the policy on registration 
This makes some policy errors translatable
 2025-01-06 10:15:08 +01:00
Quentin Gliech
2903ff5e7a Allow setting an explicit upstream account name (#3600) 2024-11-29 12:30:18 +01:00
Quentin Gliech
ec883e15ef Avoid using SameSite=None by re-submitting incoming form data 2024-11-22 08:48:00 +01:00
Quentin Gliech
87da8b39ff Enable better minijinja compatibility with the Python implementation 2024-10-28 14:59:36 +01:00
Quentin Gliech
0d41cd8a0f Manual license edit of remaining files 2024-09-10 14:28:55 +02:00
reivilibre
ca05566e82 Add rate-limiting for account recovery and registration (#3093) 
* Add rate-limiting for account recovery and registration

* Rename login ratelimiter `per_address` to `per_ip` for consistency

Co-authored-by: Quentin Gliech <quenting@element.io>
 2024-08-07 17:57:36 +00:00
Quentin Gliech
2a2f37725d Host a Swagger UI both in the static documentation and by the server 2024-08-01 15:17:14 +02:00
Quentin Gliech
0b55719b12 Rate-limit password-based login attempts 2024-07-26 13:56:45 +02:00
Quentin Gliech
bb5bcf0f40 Rework assets loading to fix splitting CSS chunks 2024-07-25 12:59:29 +02:00
Quentin Gliech
af40a9f815 Separate error page when the recovery link was already used 2024-06-28 15:59:21 +02:00
Quentin Gliech
44ebc8e683 Show a proper 'link expired' page 2024-06-28 15:59:21 +02:00
Quentin Gliech
041c74e7b2 Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00
Quentin Gliech
8d4e6719b1 Implement the password change form 2024-06-28 15:59:21 +02:00
Quentin Gliech
ee22699e57 Recovery progress page 2024-06-28 15:59:21 +02:00
Quentin Gliech
df89f570ac Actually send emails for recovery 2024-06-28 15:59:21 +02:00
Quentin Gliech
50742b4d2b Start recovery view 2024-06-28 15:59:21 +02:00