- This project now requires Node 18 or greater.
- Added env variable
UVS_DISABLE_IP_BLACKLISTto allow disabling the IP blacklist checks in private networks (contributed by @mm28ajos)
-
Fallback to
users_defaultif no power level is found for user in room power level check (contributed by @skolmer) -
Fix
UVS_DISABLE_IP_BLACKLISTto cover all cases when Matrix is also on a local network (contributed by @thermaq)
- Clarify
isDomainBlacklistedby splitting it into two functions (contributed by @mm28ajos)
-
Default behaviour has been changed to verify any OpenID tokens of any homeserver. Room membership verification is still only done against the configured homeserver even if the token is for a user on another homeserver. (related issue)
To disable this and allow verifying only a single configured homeserver, set the environment variable
UVS_OPENID_VERIFY_SERVER_NAMEto the relevant Matrix server name (for examplematrix.org).If upgrading from v1.1.0, to keep the same behaviour, one should set
UVS_OPENID_VERIFY_SERVER_NAMEto the Matrix server name of the homeserver behindUVS_HOMESERVER_URL.Due to this addition,
matrix_server_nameis a new required field in verify endpoints. To not break backwards compatibility, this won't be enforced until earliest in the next major version.
-
Added authentication token to protect the verification API's.
Enable by setting
UVS_AUTH_TOKEN.
-
Better documentation in readme.
-
The
/verify/user_in_roomnow also returns power levels of the room. In addition to the user power level in the room returned are the levels required for various actions in the room and default levels.
- Fix
requestLoggerto properly log the POST body, only redacting the token if it's given.
- Logging, defaults to
infolevel, set different level withUVS_LOG_LEVEL.
No changes since v1.0.0, purely for triggering a Docker image.
Initial version.