Commit Graph

630 Commits (0b7d6bf6df5a83dcc95d063baa04d8818eb9d7db)

Author SHA1 Message Date
BlackDex ac2723f898 Updated Organizations overview
5 years ago
BlackDex 2fffaec226 Added attachment info per user and some layout fix
5 years ago
BlackDex 5c54dfee3a Fixed an issue when DNS resolving fails.
5 years ago
Jeremy Lin 39d1a09704 Avoid double-slashes in the admin URL
5 years ago
BlackDex b6fde857a7 Added version check to diagnostics
5 years ago
BlackDex 3c66deb5cc Redesign of the admin interface.
5 years ago
Jeremy Lin a314933557 Allow email changes for existing accounts even when signups are disabled
5 years ago
Daniel García 0807783388
Add ip on totp miss
5 years ago
Daniel García aee1ea032b
Merge pull request #989 from theycallmesteve/update_responses
5 years ago
theycallmesteve 5571a5d8ed
Update post_keys to return a keys response model
5 years ago
theycallmesteve 6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model
5 years ago
theycallmesteve dfdf4473ea
Rename to_json_list to to_json_provder to reflect the response model
5 years ago
theycallmesteve 632f4d5453
Whitespace fixes
5 years ago
Daniel García ec8028aef2
Merge pull request #979 from jjlin/admin-redirect
5 years ago
Daniel García 9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints
5 years ago
Jeremy Lin 819d5e2dc8 Use absolute URIs for admin page redirects
5 years ago
Daniel García 0de52c6c99
Merge pull request #957 from jjlin/domain-whitelist
5 years ago
Daniel García e3b00b59a7
Initial support for soft deletes
5 years ago
Jeremy Lin 0a68de6c24 Warn on empty `ADMIN_TOKEN` instead of bailing out
5 years ago
Jeremy Lin e4d08836e2 Make org owner invitations respect the email domain whitelist
5 years ago
Jeremy Lin c2a324e5da Clean up domain whitelist logic
5 years ago
Jeremy Lin 6cd8512bbd Fix Duo auth failure with non-lowercased email addresses
5 years ago
Jeremy Lin 7407b8326a Fix attachment size limit calculation
5 years ago
Jeremy Lin 862d401077 Fix WebSocket notifications
5 years ago
Jeremy Lin c06162b22f Handle `devicePushToken`
5 years ago
Daniel García 7a6a3e4160
Set the cargo version and allow changing it during build time with BWRS_VERSION.
5 years ago
Daniel García 94341f9f3f
Fix token error while accepting invite
5 years ago
BlackDex 37b212427c Updated jsonwebtoken
5 years ago
Daniel García 2ee07ea1d8
Fix empty data when cloning cipher
5 years ago
BlackDex 1b4b40c95d Updated reqwest to the latest version.
5 years ago
Daniel García a30d5f4cf9
Fix cloning issues
5 years ago
Daniel García 3fa78e7bb1
Initial version of policies
5 years ago
Daniel García 70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
5 years ago
BlackDex 5a974c7b94 Added SMTP test button in the admin gui
5 years ago
Daniel García 2f4a9865e1
Use absolute paths in the admin page
5 years ago
Jeremy Lin 29a0795219 Add backend support for alternate base dir (subdir/subpath) hosting
5 years ago
Daniel García 325039c316
Attachment size limits, per-user and per-organization
5 years ago
Miroslav Prasil 0a72c4b6db Do not disable invitations via admin API
5 years ago
Daniel García 8867626de8
Add option to change invitation org name, fixes #825
5 years ago
Daniel García f5916ec396
Fix backwards indices
5 years ago
Daniel García ebb36235a7
Cache icons in the clients
5 years ago
Daniel García def174a517
Convert email domains to punycode
5 years ago
Daniel García 84ed185579
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates.
5 years ago
Daniel García 8c229920ad
Protect websocket server against panics
5 years ago
Daniel García e274af6e3d
Print current server time when failing TOTP, and use chrono as the rest of the server
5 years ago
Daniel García a0ece3754b
Formatting
5 years ago
Daniel García 2545469713
Fix crash when page URL points to huge file
5 years ago
Daniel García 5cabf4d040
Fix IP not shown when failed login (Fixes #761)
5 years ago
Daniel García 8d1b72b951
Collapsed log messages from 3 lines per request to 2 and hidden the ones valued as less informative.
5 years ago
Daniel García 912e1f93b7
Fix some lints
5 years ago
Daniel García adc443ea80
Add endpoint to delete specific U2F key
5 years ago
Daniel García 0d32179d07
Logout button in admin page
5 years ago
Daniel García 12928b832c
Fix broken tests
5 years ago
Daniel García 924ba153aa
Merge pull request #730 from tomuta/email_verification
5 years ago
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications
5 years ago
BlackDex b209c1bc4d Add an option to fetch and parse href="data:image"
5 years ago
tomuta 64d6f72e6c Add the ability to disable signups, but allow signups from a whitelist
5 years ago
BlackDex 3f6809bcdf Fixed issue/request #705
5 years ago
BlackDex 2ffc3eac4d Clippy fix
5 years ago
BlackDex 0ff7fd939e Next attempt for issue #709 fix
5 years ago
BlackDex ca7c5129b2 Fixed issue #709 creating icon_cache directory.
5 years ago
Patrick Li 85dbf4e16c
Don't include excluded global equivalent domains during sync
5 years ago
Daniel García e449912f05
Generate recovery codes for email and duo
5 years ago
Daniel García d29b6bee28
Remove unnecessary clones and other clippy fixes
5 years ago
Miro Prasil 00a11b1b78 Stop leaking usernames when SIGNUPS_ALLOWED=false
5 years ago
BlackDex ee550be80c Added http favicon url when response failed
5 years ago
Jellyfrog ebc47dc161
Remove unneeded WS logging
5 years ago
vpl 2edecf34ff Use user_uuid instead of mut twofactor
5 years ago
vpl 18bc8331f9 Send email when preparing 2FA JsonError
5 years ago
BlackDex 603a964579 Fixed issue #663.
5 years ago
BlackDex 9466f02696 Recoded TOTP time drift validation
5 years ago
BlackDex d989a19f76 Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift
5 years ago
Daniel García d292269ea0
Make the blacklist logic be cached
5 years ago
BlackDex ebf40099f2 Updated authenticator TOTP
5 years ago
BlackDex edc482c8ea Changed HIBP Error message.
5 years ago
BlackDex 6e5c03cc78 Some modification when no HIBP API Key is set
5 years ago
Daniel García e6b763026e
Merge branch 'master' into icon-security
5 years ago
BlackDex be2916333b Fixed issue #565
5 years ago
BlackDex 9124d8a3fb Updated icon blacklisting.
5 years ago
Miro Prasil d6e9af909b Remove the unnecessary check for sqlite
5 years ago
Miro Prasil acdd42935b Add sqlite binary into the docker images
5 years ago
Daniel García 4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
5 years ago
Daniel García df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
5 years ago
Daniel García e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
5 years ago
Daniel García bfc517ee80
Remove unused warning
5 years ago
Daniel García 4a7d2a1e28
Rename static files endpoint
5 years ago
vpl 5d50b1ee3c Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
vpl c99df1c310 Compare token using crypto::ct_eq
5 years ago
vpl 591ae10144 Get token from single u64
5 years ago
Daniel García 026f9da035
Allow removing users two factors
5 years ago
Daniel García 515b87755a
Update HIBP to v3, requires paid API key, fixes #583
5 years ago
vpl ee7837d022 Add option to require new device emails
5 years ago
Daniel García 07743e490b
Ignore error sending device email
5 years ago
BlackDex e7b6238f43 Added reqwest proxy support
5 years ago
vpl ad2225b6e5 Add configuration options for Email 2FA
5 years ago
vpl 5609103a97 Use ring to generate email token
5 years ago
vpl 6d460b44b0 Use saved token for email 2fa codes
5 years ago
vpl efd8d9f528 Remove some unused imports, unneeded mut variables
5 years ago
vpl 29aedd388e Add email code logic and move two_factor into separate modules
5 years ago
vpl 27e0e41835 Add email authenticator logic
5 years ago
Daniel García c9c3f07171
Updated dependencies and fixed panic getting icons
5 years ago
vpl df71f57d86 Move send device email to end of password login
5 years ago
vpl 60e39a9dd1 Move retrieve/new device from connData to separate function
5 years ago
vpl bc6a53b847 Add new device email when user logs in
5 years ago
Daniel García 05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies
5 years ago
Daniel García 5710703c50
Make sure the backup option only appears when using sqlite
6 years ago
Daniel García 1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support
6 years ago
Emil Madsen e22e290f67 Fix key and type variable names for mysql
6 years ago
TheMardy ef551f4cc6 Create Backup funcitonality
6 years ago
Daniel García 5521a86693
Change path for served images to avoid collision with vault images
6 years ago
Daniel García 3160780549
Merge pull request #401 from TheMardy/master
6 years ago
Daniel García 874f5c34bd
Formatting
6 years ago
Daniel García 253faaf023
Use users duo host when required, instead of always using the global one
6 years ago
Daniel García 3d843a6a51
Merge pull request #460 from janost/organization-vault-purge
6 years ago
janost 03fdf36bf9 Fixed purging organization vault
6 years ago
Daniel García fdcc32beda
Validate Duo credentials when custom
6 years ago
Daniel García bf20355c5e
Merge branch 'duo'
6 years ago
Daniel García 2e12114350
Always create the user when inviting from admin panel
6 years ago
ViViDboarder d3a8a278e6 Add new endpoint for retrieving all users
6 years ago
Daniel García 8d9827c55f
Implement selection between global config and user settings for duo keys.
6 years ago
Daniel García cad63f9761
Auto generate akey
6 years ago
Daniel García 621f607297
Update dependencies and fix some warnings
6 years ago
Daniel García 754087b990
Add global duo config and document options in .env template
6 years ago
Daniel García cfbeb56371
Implement user duo, initial version
6 years ago
Daniel García 4b40cda910
Added domain blacklist regex for icons service and improved valid domain check.
6 years ago
Daniel García 61515160a7
Allow changing error codes and create an empty error.
6 years ago
Daniel García 43f9038325
Add option to force resync clients in admin panel
6 years ago
Daniel García 0718a090e1
Trim spaces from admin token during authentication and validate that the admin panel token is not empty
6 years ago
Daniel García 04922f6aa0
Some formatting and dependency updates
6 years ago
Daniel García 7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
6 years ago
Daniel García 10756b0920
Update dependencies and fix some lints
6 years ago
Дамјан Георгиевски 473f8b8e31 remove some unneeded mutability
6 years ago
Shane Faulkner 8b5b06c3d1 Allow the Admin token to be disabled in the advanced menu
6 years ago
Daniel García 5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints
6 years ago
TheMardy 84fb6aaddb Set correct MIME type
6 years ago
Daniel García a744b9437a
Implemented multiple U2f keys, key names, and compromised checks
6 years ago
Daniel García 6027b969f5
Delete old devices when deauthorizing user sessions
6 years ago
Daniel García 93805a5d7b
Fix Yubikeys deleted on error
6 years ago
TheMardy a79334ea4c Added static email image routes
6 years ago
BlackDex 3b27dbb0aa Added config option for icon download timeout
6 years ago
Daniel García 9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
6 years ago
Daniel García 28d1588e73
Show version in admin panel
6 years ago
Daniel García f3b1a5ff3e
Error when admin panel is disabled
6 years ago
Daniel García 820c8b0dce
Change use of deserialize_with for Option iterator
6 years ago
Daniel García 8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query
6 years ago
Daniel García ef63342e20
Add reset user config button
6 years ago
Daniel García 3db815b969
Implemented config form and fixed config priority
6 years ago
Daniel García ade293cf52
Save config
6 years ago
Daniel García 877408b808
Implement basic config loading and updating. No save to file yet.
6 years ago
Daniel García 86ed75bf7c
Config can now be serialized / deserialized
6 years ago
Daniel García 20d8d800f3
Updated dependencies
6 years ago
Miroslav Prasil 637f655b6f Do not allocate uneccessary Vec
6 years ago
Miroslav Prasil b3f7394c06 Do not update revision at the end, as we already did that
6 years ago
Miroslav Prasil 1a5ecd4d4a cipher does not need to be mutable
6 years ago
Miroslav Prasil bd65c4e312 Remove superfluous cipher.save() call
6 years ago
BlackDex 9026cc8d42 Fixed issue when the iconlist is smaller then 5
6 years ago
BlackDex 574b040142 Loop through the iconlist until an icon is found
6 years ago
BlackDex c13f115473 Fixed issue #380
6 years ago
BlackDex bc461d9baa Some small changes on the iter of the cookies
6 years ago
BlackDex 5016e30cf2 Added cookies to the icon download request.
6 years ago
Daniel García 2a60414031
Reuse the client between requests, and use the client when downloading the icons themselves
6 years ago
BlackDex feb74a5e86 Changed the way to fix the href
6 years ago
Daniel García c0e350b734
Disable icon downloads, accept optional query after icon href, format and clippy fixes
6 years ago
Daniel García bef1183c49
Only send one notification per vault import and purge, improve move ciphers functions
6 years ago
Daniel García 07388d327f
Merge pull request #370 from BlackDex/favicons
6 years ago
BlackDex 4de16b2d17 Removed unwrap and added ?
6 years ago
BlackDex da068a43c1 Moved function call to get_icon_url to prevent error bubbeling
6 years ago
BlackDex 9657463717 Added better favicon downloader.
6 years ago
Daniel García 69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page.
6 years ago
Daniel García 700e084101
Add 2FA icon to admin panel
6 years ago
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel.
6 years ago
Daniel García 86de0ca17b
Fix editing users from collections menu
6 years ago
Stephen White 928ad6c1d8 Fix the list of users with access to a collection to display correctly.
6 years ago
Daniel García bfd93e5b13
Show organizations in admin panel, implement reload templates option
6 years ago
Daniel García a797459560
Implement HIBP check [WIP].
6 years ago
Daniel García 6cbb683f99
Rename admin templates to match email
6 years ago
Daniel García 92bbb98d48
Created base template
6 years ago
Daniel García 834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
6 years ago
Daniel García e0aec8d373
Use new i64::to_be_bytes and remove byteorder dep
6 years ago
Daniel García 1ce2587330
Correct update cipher order: first save cipher, then cipher-folder, then notify
6 years ago
Miroslav Prasil 71a10e0378 Fix sharing the item to organization.
6 years ago
Daniel García 9bf13b7872
Can't return inside multipart closure
6 years ago
Daniel García d420992f8c
Update some function calls to use ?
6 years ago
Daniel García c259a0e3e2
Save recovery code when using yubikey and stop repeating headers.user everywhere
6 years ago
Daniel García 432be274ba
Improve org mismatch check, consider different orgs
6 years ago
Daniel García 484bf5b703
Check that the client is not updating an outdated cipher, that should be part of an org now
6 years ago
Daniel García 4bf32af60e
Fix folder notifications, enable template strict mode and add missing option to env template
6 years ago
Daniel García f571df7367
Revert yubikey feature, not needed anymore
6 years ago
Daniel García 1d7f704754
Send CipherUpdate when adding and deleting attachments
6 years ago
Daniel García 1d034749f7
Fix AArch64 build by disabling yubico
6 years ago
Daniel García 320266606e
Implement put collections
6 years ago
Daniel García a0a08c4c5a
Include IP in invalid admin token error
6 years ago
Daniel García 4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
6 years ago
Daniel García f1161c65fb
Make sure an invitation is created when reinviting
6 years ago
Daniel García 21b85b78b1
Changed reinvite check and removed obsolete comment
6 years ago
Daniel García 5e37471488
Merge pull request #323 from njfox/invite_accepted_email
6 years ago
Nick Fox 0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional
6 years ago
Nick Fox 7db66f73f0
Refactor invited_by_email check
6 years ago
Nick Fox cec28a85ac
Update admin page to work with new invitation flow
6 years ago
Daniel García 5f49ecd7f3
Updated dependencies to use u2f crate directly, and some style changes
6 years ago
Nick Fox 736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed
6 years ago
Daniel García 30e768613b
Start using rustfmt and some style changes to make some lines shorter
6 years ago
Daniel García adb8052689
Updated Error to implement Display and Debug, instead of using custom methods
6 years ago
Daniel García acb9d1b3c6
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally
6 years ago
Daniel García 2bb0b15e04
Implemented better errors for JWT
6 years ago
Daniel García 250a2b340f
Use new Errors in latest changes
6 years ago
Daniel García b2fc0499f6
Finish invite functionality, and remove virtual organization
6 years ago
Daniel García 6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
6 years ago
Daniel García 172f1770cf
Embed the icon in the binary, no need to download when it's not going to change
6 years ago
Daniel García 1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
6 years ago
Daniel García 5fecf09631
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
6 years ago
Nick Fox f20c4705d9
Refactor invite claims and disallow reinvites to virtual_org
6 years ago
Nick Fox 3142d8d01f
Add more detail to invitation not found error
6 years ago
Nick Fox 84fa5a4ed6
Implement reinvite endpoint
6 years ago
Nick Fox b0ac640d8b
Use JWT to validate existing user invites
6 years ago
Daniel García 2b24b17609
Merge pull request #295 from njfox/invite_emails
6 years ago
Nick Fox 2cd736ab81
Validate JWT if a user registers with SMTP invites enabled
6 years ago
Nick Fox 99256b9b3a
Prefix unused params with underscore
6 years ago
Nick Fox 26bf7bc12f
Use upstream jslib invite/registration workflow
6 years ago
Daniel García b3ec8f2611
Merge pull request #302 from tycho/icon-cache-ttl
6 years ago
Steven Noonan a55c048a62
icons: implement positive/negative cache TTLs
6 years ago
Daniel García 149e69414f
Merge pull request #293 from dheimerl/patch-1
6 years ago
dheimerl 9a7d3634d5
Changed frame-ancestors to use 'self'
6 years ago
dheimerl 7f7c936049
Fixed web.rs
6 years ago
Nick Fox 9479108fb7
Remove CONFIG.email_invitations
6 years ago
Nick Fox 042c1072d9
Remove CONFIG.email_invitation option
6 years ago
Daniel García 5a9aab1a32
Implement fromform, and ignore case and underscores, fixes #298
6 years ago
dheimerl 037eb0b790
Update web.rs
6 years ago
Nick Fox 4910b14d57
Implement email invitations and registration workflow
6 years ago
algebro e26e2319da Close #264. Usernames and IP addresses are logged on successful authentication
6 years ago
Daniel García 7adc045b80
Updated IP logging to use client_ip, to match old remote behavior.
6 years ago
Daniel García 19754c967f
More changes to the push token, and filtered multipart logs
6 years ago
Daniel García 738ad2127b
Fixed some clippy linting issues
6 years ago
Daniel García cb930a0858
Remove some required values during login, now uses default values
6 years ago
Daniel García 94810c106a
Migrate to rust 2018 edition
6 years ago
Daniel García 2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
6 years ago
Daniel García dc1bb6de20
Update device push token methods to more closely follow the official server response
6 years ago
Daniel García 6364c05789
Fix attachments during key rotation, add individual attachment key
6 years ago
Daniel García f71f10eac6
Implemented key rotation with the latest vault
6 years ago
Daniel García f1acc1e05a
Merge branch 'master' into rocket-0.4
6 years ago
Daniel García 3d36ac4601
Remove unwrap in connection_lost
6 years ago
Daniel García 00abd4c853
Add create endpoint, fixes #253, fixes #261
6 years ago
Daniel García a4550e51ea
Update dependencies and add /ciphers/create
6 years ago
Daniel García 5edbd0e952
Merge branch 'master' into rocket-0.4
6 years ago
Stepan Fedorko-Bartos f344dbaad4 Fixes NFC Response for Mobile Login
6 years ago
Stepan Fedorko-Bartos aba9c28226 Disable Yubikey 2FA if 0 Keys Provided
6 years ago
Stepan Fedorko-Bartos 82e2b8a8c0 Code style changes
6 years ago
Stepan Fedorko-Bartos 6d735806c0 Ensures Yubico Creds are set when opening Yubikey Modal
6 years ago
Stepan Fedorko-Bartos 2433d39df5 Allows Custom Yubico OTP Server
6 years ago
Stepan Fedorko-Bartos 9e0e4b13c5 Adds Yubikey OTP Support
6 years ago