Instead of twisting `AuthBody`, this adds a new component for the different
styling of post-auth security flows. This also makes them fixed width and
adjusts padding to match designs.
Webpack was printing several warnings about missing default exports,
particularly from components, where we auto-generate a default import via the
component index.
As part of this, the emoji picker recent handling (which is not a component) is
moved elsewhere to avoid the generated import.
We use `export default` begrudgingly here. Ideally we'd use just `export`, though this entire SDK expects things to be exported as a default. Instead of breaking everything, we'll sacrifice our export pattern for a smaller diff - a later commit can always do the default export -> regular export conversion.
With a switch to Only One Webpack™ we need a way to help developers generate the component index without a concurrent watch task. The best way to do this is to have developers import their components, but how do they do that when we support skins? The answer in this commit is to change skinning.
Skinning now expects to receive your list of overrides instead of the react-sdk+branded components. For Riot this means we send over *only* the Vector components and not Vector+react-sdk.
Components can then be annotated with the `replaceComponent` decorator to have them be skinnable. The decorator must take a string with the dot path of the component because we can't reliably calculate it ourselves, sadly.
The decorator does a call to `getComponent` which is where the important part of the branded components not including the react-sdk is important: if the branded app includes the react-sdk then the decorator gets executed before the skin has finished loading, leading to all kinds of fun errors. This is also why the skinner lazily loads the react-sdk components to avoid importing them too early, breaking the app.
The decorator will end up receiving null for a component because of the getComponent loop mentioned: the require() call is still in progress when the decorator is called, therefore we can't error out. All usages of getComponent() within the app are safe to not need such an error (the return won't be null, and developers shouldn't use getComponent() after this commit anyways).
The AuthPage, being a prominent component, has been converted to demonstrate this working. Changes to riot-web are required to have this work.
The reskindex script has also been altered to reflect these skinning changes - it no longer should set the react-sdk as a parent. The eventual end goal is to get rid of `getComponent()` entirely as it'll be easily replaced by imports.
This ensures we only fallback to submitting MSISDN tokens to the identity server
when we expect to do. Unexpected cases will now throw an error.
Fixes https://github.com/vector-im/riot-web/issues/10936
The custom server path no longer shows an identity server field (for modern
homeservers), so it's confusing to have the help dialog reference it.
Part of https://github.com/vector-im/riot-web/issues/11236
This tweaks logic that shows some warning messages saying you need an identity
server for email recovery. Assuming you have a modern homeserver, no identity
server is need for these activities, so the warnings were confusing.
Fixes https://github.com/vector-im/riot-web/issues/11100
ServerConfig assumed that the state was already correct when
checking the given urls against the default, but that is not
neccessarily the case (eg. the validation can return a different
url to what the user entered). This would cause an infinite loop
because it would keep firing onServerConfigChange to change to
the desired URLs but the state would never change.
Fixes part of https://github.com/vector-im/riot-web/issues/10666
This hides the identity server at first from the custom server auth flows. For
the flows that may need an IS if the HS requires it (registration, password
reset), we then check with the HS before proceeding further and reveal the IS
field if it is in fact needed.
Fixes https://github.com/vector-im/riot-web/issues/10553
This performs liveliness checks on the auth pages to try and show a friendlier error. Earlier checks in the app startup are expected to not block the app from loading on such failures.
See https://github.com/vector-im/riot-web/issues/9828
We previously sent it in componentWillMount of the email token
auth component which definitely gets us on react's naughtly list.
We now pass the js-sdk a callback it can call at the appropriate
time to send the token (https://github.com/matrix-org/matrix-js-sdk/pull/926).
We should make password reset and adding email addresses work the
same way, but currently they don't even use the interactive-auth
helpers(!) so they're unaffected.
https://github.com/vector-im/riot-web/issues/9586
This makes it a bit easier to meet the requirements while still requiring a
fairly strong value. The progress bar displays a score of 3 as reaching 100% for
simplicity.
Fixes https://github.com/vector-im/riot-web/issues/9642
The configuration flag is intentionally long and annoying - the vast majority of people should not need this. The flag is intended to be used in development environments where accounts are often registered with no intention of them sticking around.
Very similar to password resets and registration, the components pass around a server config for usage by other components. Login is a bit more complicated and needs a few more changes to pull the logic out to a more generic layer.