Commit Graph

741 Commits (219a9d9f5ed9a374f2b0f7ad039bf57394b1852c)

Author SHA1 Message Date
Daniel García 40c339db9b
Fix postgres policies, second try
5 years ago
Daniel García 402c1cd06c
Merge pull request #906 from BlackDex/upgrade-reqwest
5 years ago
Daniel García 819f340f39
Fix issue with postgres
5 years ago
BlackDex 1b4b40c95d Updated reqwest to the latest version.
5 years ago
Daniel García afd9f4e278
Allow the smtp mechanism to be provided without quotes and all lowercase
5 years ago
Daniel García 47a9461f39
Merge pull request #903 from TheBinaryLoop/patch-1
5 years ago
Daniel García c6f64d8368
Merge pull request #901 from sleweke/feature/opportunistic_tls
5 years ago
Daniel García a30d5f4cf9
Fix cloning issues
5 years ago
Daniel García 3fa78e7bb1
Initial version of policies
5 years ago
Lukas Eßmann a8a7e4f9a5
Updated domains with new values vualt
5 years ago
Samuel Leweke 5d3b765a23 Use opportunistic TLS in SMTP connections
5 years ago
Daniel García 70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
5 years ago
BlackDex 84dc2eda1f Changed javascript default argument construction
5 years ago
BlackDex 390d10d656 Relocated SMTP test input+button.
5 years ago
zethra cc404b4edc
Added command line flags for help and version
5 years ago
BlackDex 97fb7b5b96 Added urlpath to smtpTest function
5 years ago
BlackDex 5a974c7b94 Added SMTP test button in the admin gui
5 years ago
BlackDex 7439aeb63e Make panics logable (as warn)
5 years ago
Daniel García cd8907542a
Make sure the provided domain contains the protocol and show a useful error when it doesn't
5 years ago
Daniel García ad9f2b2d8e
Removed test urlpath
5 years ago
Daniel García 2f4a9865e1
Use absolute paths in the admin page
5 years ago
Jeremy Lin 29a0795219 Add backend support for alternate base dir (subdir/subpath) hosting
5 years ago
Daniel García 325039c316
Attachment size limits, per-user and per-organization
5 years ago
Miro Prasil 03233429f4 Remove check from Invitation:take()
5 years ago
Miroslav Prasil 0a72c4b6db Do not disable invitations via admin API
5 years ago
Daniel García 8867626de8
Add option to change invitation org name, fixes #825
5 years ago
Daniel García f5916ec396
Fix backwards indices
5 years ago
Daniel García ebb36235a7
Cache icons in the clients
5 years ago
Daniel García def174a517
Convert email domains to punycode
5 years ago
Daniel García 480ba933fa
Don't error if admin token is empty but disabled
5 years ago
Miro Prasil c4101162d6 SIGNUPS_ALLOWED with no whitelist [fixes #830]
5 years ago
Daniel García 632d55265b
Merge pull request #824 from tomuta/fix_change_email
5 years ago
tomuta e277f7d1c1 Fix change email when no whitelist is configured
5 years ago
Daniel García ff7b4a3d38
Update handlebars to 3.0 which included performance improvements.
5 years ago
Daniel García d212dfe735
Accept y/n, True/False, 1/0 as booleans in environment vars
5 years ago
Daniel García 84ed185579
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates.
5 years ago
Michael Powers e196ba6e86
Switch error handling to ? operator instead of explicit handling.
5 years ago
Michael Powers 76743aee48
Fixes #635 - Unique constraint violation when using U2F tokens on PostgreSQL
5 years ago
Daniel García 96a189deb9
Merge pull request #803 from aeolyus/master
5 years ago
Daniel García 8c229920ad
Protect websocket server against panics
5 years ago
Richard Huang d592323e39
minor typo conect -> connect
5 years ago
Daniel García 36ae946655
Avoid some to_string in the request logging and include message to disable web vault when not found.
5 years ago
Daniel García cb6f392774
When receiving a comma separated list as IP, pick the first
5 years ago
Daniel García 88c56de97b
Config option for client IP header
5 years ago
Daniel García e274af6e3d
Print current server time when failing TOTP, and use chrono as the rest of the server
5 years ago
Daniel García a0ece3754b
Formatting
5 years ago
Daniel García 2545469713
Fix crash when page URL points to huge file
5 years ago
Daniel García 5cabf4d040
Fix IP not shown when failed login (Fixes #761)
5 years ago
Daniel García a03db6d224
Also hide options requests, unless using debug or trace
5 years ago
Daniel García 8d1b72b951
Collapsed log messages from 3 lines per request to 2 and hidden the ones valued as less informative.
5 years ago
Daniel García 912e1f93b7
Fix some lints
5 years ago
Daniel García adc443ea80
Add endpoint to delete specific U2F key
5 years ago
Daniel García 0d32179d07
Logout button in admin page
5 years ago
Daniel García 12928b832c
Fix broken tests
5 years ago
Daniel García 1e224220a8
Updated deps and fixed some lints
5 years ago
Daniel García 924ba153aa
Merge pull request #730 from tomuta/email_verification
5 years ago
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications
5 years ago
Daniel García 4b71197c97
Merge pull request #738 from ntimo/task/add-netcup-global-domains
5 years ago
BlackDex b209c1bc4d Add an option to fetch and parse href="data:image"
5 years ago
ntimo 2b8d08a3f4
Added netcup domains to global domains
5 years ago
Daniel García cbadf00941
Update web vault to fix twofactorauth.org integration
5 years ago
tomuta 64d6f72e6c Add the ability to disable signups, but allow signups from a whitelist
5 years ago
Timo N b889e5185e
Added tv.apple.com to global domains
5 years ago
BlackDex 3f6809bcdf Fixed issue/request #705
5 years ago
BlackDex c52adef919 Added configurable smtp timeout.
5 years ago
BlackDex 2ffc3eac4d Clippy fix
5 years ago
BlackDex 0ff7fd939e Next attempt for issue #709 fix
5 years ago
BlackDex ca7c5129b2 Fixed issue #709 creating icon_cache directory.
5 years ago
Daniel García b4dfc24040
Merge pull request #703 from patrickli/bugfix/dont-sync-excluded-global-domains
5 years ago
Patrick Li 85dbf4e16c
Don't include excluded global equivalent domains during sync
5 years ago
BlackDex 3442eb1b9d Trying to fix issue #687
5 years ago
Daniel García e449912f05
Generate recovery codes for email and duo
5 years ago
Daniel García d29b6bee28
Remove unnecessary clones and other clippy fixes
5 years ago
Miro Prasil 00a11b1b78 Stop leaking usernames when SIGNUPS_ALLOWED=false
5 years ago
BlackDex ee550be80c Added http favicon url when response failed
5 years ago
Daniel García fccc0a4b05
Update rocket to latest master
5 years ago
Jellyfrog ebc47dc161
Remove unneeded WS logging
5 years ago
vpl 3b7a5bd102 Move 2FA email config to after SMTP config
5 years ago
vpl 2edecf34ff Use user_uuid instead of mut twofactor
5 years ago
vpl 18bc8331f9 Send email when preparing 2FA JsonError
5 years ago
BlackDex 603a964579 Fixed issue #663.
5 years ago
Daniel García dc515b83f3
Merge pull request #657 from BlackDex/totp-timedrift
5 years ago
BlackDex 9466f02696 Recoded TOTP time drift validation
5 years ago
BlackDex 2cde814aaa Fixed a bug with the sqlite backup feature.
5 years ago
BlackDex d989a19f76 Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift
5 years ago
Daniel García d292269ea0
Make the blacklist logic be cached
5 years ago
BlackDex ebf40099f2 Updated authenticator TOTP
5 years ago
BlackDex edc482c8ea Changed HIBP Error message.
5 years ago
BlackDex 6e5c03cc78 Some modification when no HIBP API Key is set
5 years ago
Daniel García 881c1978eb
Error when the URL scheme doesn't match the database type
5 years ago
Daniel García 662bc27523
Updated dependencies and fixed disable_admin_token description
5 years ago
Daniel García e6b763026e
Merge branch 'master' into icon-security
5 years ago
Daniel García c182583e09
Merge pull request #644 from BlackDex/issue-565
5 years ago
Daniel García d821389c2e
Merge pull request #639 from vverst/cors-update
5 years ago
BlackDex be2916333b Fixed issue #565
5 years ago
BlackDex 9124d8a3fb Updated icon blacklisting.
5 years ago
vpl 7b1da527a6 Change CORS headers
5 years ago
Miro Prasil d6e9af909b Remove the unnecessary check for sqlite
5 years ago
Miro Prasil acdd42935b Add sqlite binary into the docker images
5 years ago
vpl 56f12dc982 Use Access-Control-Allow-Method
5 years ago
Daniel García 4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
5 years ago
Michael Powers f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246.
5 years ago
Daniel García df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
5 years ago
vpl 5a2f968d7a Set correct response headers, status code
5 years ago
vpl 16d88402cb Initial version of CORS support
5 years ago
Daniel García 7dcf18151d
Fix onsubmit
5 years ago
Daniel García e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
5 years ago
Daniel García bfc517ee80
Remove unused warning
5 years ago
Daniel García 4a7d2a1e28
Rename static files endpoint
5 years ago
Daniel García c07c9995ea
Merge pull request #555 from vverst/email-codes
5 years ago
ViViDboarder 672a245548 Remove unecessary clone
5 years ago
vpl 5d50b1ee3c Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
vpl c99df1c310 Compare token using crypto::ct_eq
5 years ago
vpl 591ae10144 Get token from single u64
5 years ago
ViViDboarder 2d2745195e Allow explicitly defined smtp auth mechansim
5 years ago
Daniel García 026f9da035
Allow removing users two factors
5 years ago
Daniel García d23d4f2c1d
Allow editing HIBP key in the admin panel
5 years ago
Daniel García 515b87755a
Update HIBP to v3, requires paid API key, fixes #583
5 years ago
vpl ee7837d022 Add option to require new device emails
5 years ago
Daniel García 07743e490b
Ignore error sending device email
5 years ago
BlackDex e7b6238f43 Added reqwest proxy support
5 years ago
vpl ad2225b6e5 Add configuration options for Email 2FA
5 years ago
vpl 5609103a97 Use ring to generate email token
5 years ago
vpl 6d460b44b0 Use saved token for email 2fa codes
5 years ago
vpl efd8d9f528 Remove some unused imports, unneeded mut variables
5 years ago
vpl 29aedd388e Add email code logic and move two_factor into separate modules
5 years ago
vpl 27e0e41835 Add email authenticator logic
5 years ago
vpl 0b60f20eb3 Add email message for twofactor email codes
5 years ago
Daniel García c9c3f07171
Updated dependencies and fixed panic getting icons
5 years ago
vpl df71f57d86 Move send device email to end of password login
5 years ago
vpl 60e39a9dd1 Move retrieve/new device from connData to separate function
5 years ago
vpl bc6a53b847 Add new device email when user logs in
5 years ago
Daniel García 05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies
5 years ago
Nick Fox 2e300da057
Fix #468 - Percent-encode the email address in invite link
5 years ago
Cubity_First 6989fc7bdb
Corrected Spelling
6 years ago
Daniel García 76f38621de
Update dependencies and remove unwraps from Cipher::to_json
6 years ago
Daniel García 12af32b9ea
Don't print DB URL
6 years ago
Daniel García 9add8e19eb
Update dependencies and remove travis unused feature
6 years ago
Daniel García 5710703c50
Make sure the backup option only appears when using sqlite
6 years ago
Daniel García 1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support
6 years ago
Daniel García 9ed2ba61c6
Merge pull request #475 from TheMardy/master
6 years ago
Nils Domrose 62a461ae15 remove syslog from ci, make features flag more clear
6 years ago
Nils Domrose 4859932d35 fixed typo
6 years ago
Nils Domrose dc36f0cb6c re-added sqlite check_db code, cleanup
6 years ago
Nils Domrose ff759397f6 initial mysql support
6 years ago
Emil Madsen 233b48bdad Fix missing joinable in schema
6 years ago
Emil Madsen e22e290f67 Fix key and type variable names for mysql
6 years ago
Emil Madsen ab95a69dc8 Rework migrations for MySQL
6 years ago
Emil Madsen 85c8a01f4a Merge branch 'master' of github.com:Skeen/bitwarden_rs
6 years ago
Emil Madsen 42af7c6dab MySQL database
6 years ago
Daniel García 4f45cc081f
Update ring to 0.14, jwt to 6.0, and u2f
6 years ago
TheMardy ef551f4cc6 Create Backup funcitonality
6 years ago
Daniel García 5521a86693
Change path for served images to avoid collision with vault images
6 years ago
Daniel García 3160780549
Merge pull request #401 from TheMardy/master
6 years ago
TheMardy f0701657a9 Changed to Bitwarden_RS Logo
6 years ago
Daniel García 874f5c34bd
Formatting
6 years ago
Daniel García 253faaf023
Use users duo host when required, instead of always using the global one
6 years ago
Daniel García 3d843a6a51
Merge pull request #460 from janost/organization-vault-purge
6 years ago
janost 03fdf36bf9 Fixed purging organization vault
6 years ago
Daniel García fdcc32beda
Validate Duo credentials when custom
6 years ago
Daniel García bf20355c5e
Merge branch 'duo'
6 years ago
Daniel García 0136c793b4
Implement better user status API, in the future we'll probably want a way to disable users.
6 years ago
Daniel García 2e12114350
Always create the user when inviting from admin panel
6 years ago
ViViDboarder d3a8a278e6 Add new endpoint for retrieving all users
6 years ago
Daniel García 8d9827c55f
Implement selection between global config and user settings for duo keys.
6 years ago
Daniel García cad63f9761
Auto generate akey
6 years ago
Daniel García bf446f44f9
Enable DATA_FOLDER to affect default CONFIG_FILE path
6 years ago
Daniel García 621f607297
Update dependencies and fix some warnings
6 years ago
Daniel García 754087b990
Add global duo config and document options in .env template
6 years ago
Daniel García cfbeb56371
Implement user duo, initial version
6 years ago
Daniel García c5832f2b30
With the latest fern, syslog can be a config option instead of a build flag
6 years ago
Daniel García 2475c36a75
Implement log_level config option
6 years ago
Daniel García c384f9c0ca
Set default log level to Info, we don't use debug anyway and it just fills the logs with other crates info.
6 years ago
BlackDex 6b686c18f7 Fixed long e-mail message extending 1000 lines.
6 years ago
Nick Fox 7976d39d9d
Adjust whitespace
6 years ago
Nick Fox 5ee9676941
Break up long line to stop SMTP from breaking
6 years ago
Daniel García 4b40cda910
Added domain blacklist regex for icons service and improved valid domain check.
6 years ago
Daniel García 4689ed7b30
Changed uppercase deserializer to avoid a clone.
6 years ago
Daniel García 61515160a7
Allow changing error codes and create an empty error.
6 years ago
Daniel García e93538cea9
Add option to use wrapped TLS in email, instead of STARTTLS upgrade
6 years ago
Daniel García b4244b28b6
Update admin page scripts and fixed broken tooltip
6 years ago
Daniel García 43f9038325
Add option to force resync clients in admin panel
6 years ago
Daniel García 339044f8aa
Add warning about config panel values overriding env vars.
6 years ago
Daniel García 0718a090e1
Trim spaces from admin token during authentication and validate that the admin panel token is not empty
6 years ago
Daniel García 9e1f030a80
Explicitly close SMTP connection in case of error.
6 years ago
Daniel García 04922f6aa0
Some formatting and dependency updates
6 years ago
Daniel García 7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
6 years ago
Daniel García 10756b0920
Update dependencies and fix some lints
6 years ago
Frank Petrilli d156170971
Minor typo fix conect => connect
6 years ago
Дамјан Георгиевски 473f8b8e31 remove some unneeded mutability
6 years ago
Daniel García 5794969f5b
Merge pull request #406 from shauder/feature/disable-admin-token
6 years ago
Shane Faulkner 8b5b06c3d1 Allow the Admin token to be disabled in the advanced menu
6 years ago
Daniel García b50c27b619
Print a warning when an env variable is being overriden by the config file, and reorganize the main file a bit.
6 years ago
Daniel García 5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints
6 years ago
Daniel García bf6ae91a6d
Remove margins on small devices
6 years ago
Daniel García 828e3a5795
Add extra padding when the toolbar collapses in small devices
6 years ago
Daniel García 7b5bcd45f8
Show read-only options in the config panel and the env variable names in the tooltips
6 years ago
Miroslav Prasil 0b903fc5f4 Extended the template file and refer to wiki
6 years ago
Miroslav Prasil 4df686f49e Add an option to not enable WAL (should help in #399)
6 years ago
Daniel García d7eeaaf249
Escape user data from admin panel when calling JS
6 years ago