- Nov 30, 2016
-
-
Richard van der Hoff authored -
Richard van der Hoff authored
We might as well treat all refresh_tokens as invalid. Just return a 403 from /tokenrefresh, so that we don't have a load of dead, untestable code hanging around. Still TODO: removing the table from the schema.
-
Richard van der Hoff authored
-
Richard van der Hoff authored
More intelligent Content-Type parsing
-
Richard van der Hoff authored
Stop putting a time caveat on access tokens
-
Richard van der Hoff authored
Content-Type is allowed to contain options (`; charset=utf-8`, for instance). We should allow that.
-
Richard van der Hoff authored
Update comments in verify_macaroon
-
- Nov 29, 2016
-
-
Richard van der Hoff authored
Implement E2E for guests
-
Richard van der Hoff authored
The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats.
-
Richard van der Hoff authored
Let pip install multiple packages at once
-
Richard van der Hoff authored
Pip can install multiple dependencies at the same time, so there is no need to use xargs -n1. It's significantly slower with -n1, so let's not do it with no reason.
-
- Nov 28, 2016
-
-
Richard van der Hoff authored
Since we're not doing refresh tokens any more, we should start killing off the dead code paths. /tokenrefresh itself is a bit of a thornier subject, since there might be apps out there using it, but we can at least not generate refresh tokens on new logins.
-
- Nov 25, 2016
-
-
Richard van der Hoff authored
Remove redundant list of known caveat prefixes
-
Richard van der Hoff authored
Expose /devices, /keys, and /sendToDevice to guest users, so that they can use E2E.
-
Richard van der Hoff authored
We need to create devices for guests so that they can use e2e, but we don't have anywhere to store it, so just use a fixed one.
-
- Nov 24, 2016
-
-
Erik Johnston authored
Correctly handle 500's and 429 on federation
-
Erik Johnston authored
-
Erik Johnston authored
-
Richard van der Hoff authored
Also add some comments.
-
-
Erik Johnston authored
-
-
- Nov 23, 2016
-
-
Erik Johnston authored
More efficient notif count queries
-
Erik Johnston authored
-
Erik Johnston authored
-
Erik Johnston authored
Split out federation transaction sending to a worker
-
Erik Johnston authored
Ignore AS users when fetching push rules
-
Erik Johnston authored
-
Erik Johnston authored
-
Erik Johnston authored
-
Erik Johnston authored
-
Erik Johnston authored
-
Erik Johnston authored
By ignoring AS users early on when fetching push rules for a room we can avoid needlessly hitting the DB and filling up the caches.
-
Erik Johnston authored
-
- Nov 22, 2016
-
-
Erik Johnston authored
-
Erik Johnston authored
-
Kegsay authored
Return early on /sync code paths if a '*' filter is used
-
Kegan Dougal authored
This is currently very conservative in that it only does this if there is no `since` token. This limits the risk to clients likely to be doing one-off syncs (like bridges), but does mean that normal human clients won't benefit from the time savings here. If the savings are large enough, I would consider generalising this to just check the filter.
-
Kegsay authored
Implement "event_fields" in filters
-
Kegan Dougal authored
-