Commit Graph

1436 Commits (28146e292db0e096b76f4b52916cbbab8317835e)

Author SHA1 Message Date
Bernd Schoolmann e4606431d1
Fix mobile push blocking requests and spamming push server
2 years ago
BlackDex a05187c0ff
Some code changes and optimizations
2 years ago
BlackDex 8e34495e73
Merge and modify PR from @Kurnihil
2 years ago
BlackDex 4219249e11
Add support for Organization token
2 years ago
GeekCornerGH 2d66292350
feat: Push Notifications
2 years ago
BlackDex 83376544d8 Fix collection change ws notifications
2 years ago
BlackDex 636f16dc66
Prevent 401 on main admin page
2 years ago
Jeremy Lin 23aa9088f3
Sync global_domains.json to bitwarden/server@8dda73a (Pinterest)
2 years ago
Stefan Melmuk 4d5c047ddc
policy data should be `null` not an empty object
2 years ago
BlackDex 4a2ed553df
Use Rocket `v0.5` branch to fix endpoints
2 years ago
BlackDex f906f6230a
Change `String` to `&str` for all Rocket functions
2 years ago
BlackDex 951ba55123
Prevent some `::_` logs from outputting
2 years ago
BlackDex 18abf226be
Fix admin post endpoints
2 years ago
Tim Vilgot Mikael Fredenberg 55c1b6e8d5 inline static rsa keys
2 years ago
Daniel García 3d7e80a7aa
Merge pull request #3440 from BlackDex/switch-ws-to-streams
2 years ago
kennymc-c 271e3ae757 Changed permissions back to 644
2 years ago
BlackDex 48cc31a59f
Small update to Rocket WebSockets
2 years ago
kennymc-c 6a7cee4e7e Fixed footer to footer_text
2 years ago
kennymc-c f850dbb310 Fixed some missing footer_text partials and a few inconsistencies between plain text and html email templates
2 years ago
Daniel García 07099df41a
Merge pull request #3436 from BlackDex/fix-admin-base-url
2 years ago
BlackDex ae437f70a3
Several config and admin interface fixes
2 years ago
BlackDex 3d11f4cd16
WebSockets via Rocket's Upgrade connection
2 years ago
Stefan Melmuk 89e94b1d91
check if reset policy is enabled
2 years ago
BlackDex bff54fbfdb
Fix sending out multiple websocket notifications
2 years ago
Daniel García 867c6ba056
Merge pull request #3398 from stefan0xC/dont-expect-kdf-memory-or-parallelism
2 years ago
Daniel García d1ecf03f44
Merge pull request #3397 from nikolaevn/feature/add-admin-reinvite-endpoint
2 years ago
Nikolay Nikolaev aa6f774f65 add check user state
2 years ago
Nikolay Nikolaev 379f885354 add mail check
2 years ago
Stefan Melmuk 39a5f2dbe8
clear kdf memory and parallelism with pbkdf2
2 years ago
Stefan Melmuk 0daaa9b175
always return KdfMemory and KdfParallelism
2 years ago
Nikolay Nikolaev 0c085d21ce fmt
2 years ago
Nikolay Nikolaev dcaaa430f0 support `/users/<uuid>/invite/resend` admin api
2 years ago
BlackDex 2cda54ceff
Fix password reset issues
2 years ago
Jeremy Lin 62cebebd3d
Decode knowndevice `X-Request-Email` as base64url with no padding
2 years ago
BlackDex 8bcd0ab0c6
Some small fixes and updates
2 years ago
Stefan Melmuk ed8091a994
don't use `assert()` in production code
2 years ago
Stefan Melmuk 56cad93e0f
add endpoint to bulk delete collections
2 years ago
Stefan Melmuk 3cf67e0b8d
add endpoint to bulk delete groups
2 years ago
Daniel García 729b563160
Merge pull request #3332 from BlackDex/merge-clientip-with-headers
2 years ago
Jeremy Lin daaa03d1b3 Add support for `/api/devices/knowndevice` with HTTP header params
2 years ago
BlackDex 9e5b94924f
Merge ClientIp with Headers.
2 years ago
BlackDex 0c0e632bc9
Upd Crates, Rust, MSRV, GHA and remove Backtrace
2 years ago
Daniel García a13a5bd1d8
Merge pull request #3315 from BlackDex/issue-3311
2 years ago
Daniel García 3b34b429f3
Merge pull request #3307 from jjlin/head-routes
2 years ago
BlackDex 10c5476d31
Fix web-vault Member UI show/edit/save
2 years ago
Jeremy Lin d3626eba2a Add HEAD routes to avoid spurious error messages
2 years ago
BlackDex de157b2654
Admin token Argon2 hashing support
2 years ago
Dylan Pinsonneault f88b6d961e Fix confirmation for removing 2FA and deauthing sessions in admin panel
2 years ago
Daniel García 0426051541
Merge pull request #3281 from BlackDex/fix-web-vault-issues
2 years ago
Daniel García 4556f668de
Merge pull request #3288 from BlackDex/admin-interface-updates
2 years ago
BlackDex f10e6b6ac2
Some Admin Interface updates
2 years ago
BlackDex 7ec00d3850
Fix the web-vault v2023.2.0 API calls
2 years ago
Jonathan Elias Caicedo 8f8d7418ed
Add confirmation for removing 2FA and deauth sessions in admin panel
2 years ago
Jeremy Lin 61183d001c Fix vault item display in org vault view
2 years ago
Daniel García dc7951efaf
Add missing collections/details endpoint, based on the existing one
2 years ago
Nils Mittler 0f656b4889
Apply rewording
2 years ago
Nils Mittler 6fa1dc50be
Apply Admin Session Lifetime to JWT
2 years ago
Nils Mittler 2bb41367bc
Make the admin cookie lifetime adjustable
2 years ago
Misterbabou 20d8886bfa
Fix Collection Read Only access for groups
2 years ago
BlackDex 59ef82b740
Fix Organization delete when groups are configured
2 years ago
BlackDex fc543154c0
Validate all needed fields for client API login
2 years ago
Nils Mittler 8ae799a771 Add function to fetch user by email address
2 years ago
Daniel García f92efda0f0
Merge branch 'main' into main
2 years ago
Daniel García 5bcee24f88
Merge branch 'main' into feature/kdf-options
2 years ago
soruh 9e3d7ea44c add EXE_SUFFIX to sendmail executable when not specified
2 years ago
soruh 8cc6dac893 check if SENDMAIL_COMMAND is valid using 'which' crate
2 years ago
soruh b7c4316c77 Add support for sendmail as a mail transport
2 years ago
Daniel García bc49d1f90d
Merge branch 'main' into issue-3166
2 years ago
Daniel García cef5dd4a46
Merge branch 'main' into allow-editing/unhiding-by-group
2 years ago
Daniel García 6e2c3fc1cc
Merge branch 'main' into icon-blacklist-improvements
2 years ago
Daniel García af69c83db2
Merge branch 'main' into fix-domain-description
2 years ago
Daniel García c58aac585b
Merge branch 'main' into fix-post-emergency-access
2 years ago
Daniel García a20a641de3
Merge branch 'main' into spell-jack_mitigation
2 years ago
Helmut K. C. Tessarek 68bcc7a4b8
add argon2 kdf fields
2 years ago
BlockListed c04a1352cb
remove warn when sanitizing domain
2 years ago
BlockListed 5d1c11ceba
fix trailing slash in configuration builder
2 years ago
BlockListed a2aa7c9bc2
Revert "fix trailing slash not being removed from domain"
2 years ago
Jan Jansen b3a351ccb2 allow editing/unhiding by group
2 years ago
BlockListed 679bc7a59b
fix trailing slash not being removed from domain
2 years ago
BlockListed a72d0b518f
remove documentation of bug since I'm fixing it
2 years ago
Kevin P. Fleming 6741b25907 Ensure that all results from check_domain_blacklist_reason are cached.
2 years ago
Kevin P. Fleming 24b5784f02 Generate distinct log messages for regex vs. IP blacklisting.
2 years ago
BlockListed eb9b481eba
improve wording of domain description
2 years ago
BlockListed 64edc49392
change description of domain configuration
2 years ago
sirux88 0d1753ac74 completly hide reset password policy
2 years ago
sirux88 a6558f5548 rust lang specific improvements
2 years ago
sirux88 62dfeb80f2 improved security, disabling policy usage on
2 years ago
Stefan Melmuk e65fbbfc21
don't nullify key when editing emergency access
2 years ago
BlackDex c9ed9aa733
Fix Javascript issue on non sqlite databases
2 years ago
Daniel Hammer 9b20decdc1 "Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.
2 years ago
sirux88 adaefc8628 fixes for current upstream main
2 years ago
sirux88 c6c45c4c49 working implementation
2 years ago
sirux88 95494083f2 added database migration
2 years ago
BlackDex e38e1a5d5f
Validate note sizes on key-rotation.
2 years ago
sirux88 cc91ac6cc0
include key into user.set_password
2 years ago
BlackDex 2d8c8e18f7
Update KDF Configuration and processing
2 years ago
BlackDex acc1474394
Add avatar color support
2 years ago
BlackDex aaffb2e007
Add MFA icon to org member overview
2 years ago
GeekCorner e0e95e95e4
fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory
2 years ago
BlackDex fa70b440d0
Fix remaning inline format
2 years ago
Rychart Redwerkz 42acb2ebb6
Use more modern meta tag for charset encoding
2 years ago
BlackDex 3181e4e96e
Optimize CipherSyncData for very large vaults
2 years ago
BlackDex 7390f34355
Resolve uninlined_format_args clippy warnings
2 years ago
Daniel García c47d9f6593
Fix some lints: explicit Arc::clone, and unnecessary return after unreachable!
2 years ago
pjsier 7dd1959eba
Log message to stderr if LOG_FILE is not writable
2 years ago
pjsier e266b39254
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex e935989fee
Resolve uninlined_format_args clippy warnings
2 years ago
Rychart Redwerkz 25c401f64d
Remove `shrink-to-fit=no`
2 years ago
Jeremy Lin 18b72da657
Change `text/plain` API responses to `application/json`
2 years ago
BlackDex 6be26f0a38
Fix failing large note imports
2 years ago
BlackDex e945d16fcf
Optimize config loading messages
2 years ago
BlackDex f1c0aa4f83
Update WebSocket Notifications
2 years ago
pjsier 68362d06b3
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex f65c0e2ac8
Validate YUBICO_SERVER string (#3003)
2 years ago
BlackDex 0f588ced03
Removed unsafe-inline JS from CSP and other fixes
2 years ago
Alex Martel b0f03bb49c
Remove patched multer-rs
2 years ago
Andrés Maldonado 2897c24e83 Percent-encode org_name in links
2 years ago
BlackDex 67a584c1d4
Disable groups by default and Some optimizations
2 years ago
BlackDex 8e5f03972e
Fix recover-2fa not working.
2 years ago
BlackDex b60a4a68c7
Fix a panic during Yubikey register/login
2 years ago
BlackDex 8d1bc2e539
Fix org export (again)
2 years ago
BlackDex 50c46f6e9a
Remove ctrlc crate and some updates
2 years ago
Helmut K. C. Tessarek 4f1928778a
use 32x32 favicon for consistency
2 years ago
Helmut K. C. Tessarek 5fcba3d7f5
use black favicon for /admin
2 years ago
BlackDex cd3e2d7a5a
Increase privacy of masked config
2 years ago
BlackDex d9c0c23819
Revert collection queries back to `left_join`
2 years ago
BlackDex 2d90c6ac24
Fix managers and groups link
2 years ago
Stefan Melmuk d209df9e10
use a custom 404 page
2 years ago
BlackDex d6dc6070f3
Fix admin repost warning.
2 years ago
BlackDex d66323b742
Limit Cipher Note encrypted string size
2 years ago
BlackDex 7b09d74b1f
Update dependencies for Rust and Admin interface.
2 years ago
BlackDex c0e3c2c5e1
Cleanups and Fixes for Emergency Access
2 years ago
BlackDex 1b64b9e164
Add dev-only query logging support
2 years ago
Stefan Melmuk d5e54cb576
only check sqlite parent if there could be one
2 years ago
Stefan Melmuk 8837660ba7
check if sqlite folder exists
2 years ago
BlackDex 464a489b44
Update Vaultwarden Logo's
2 years ago
BlackDex 7035700c8d
Add Organizational event logging feature
2 years ago
Stefan Melmuk 0aa33a2cb4
don't use param for passing the redirect info
2 years ago
Stefan Melmuk fa7dbedd5d
redirect to admin login page when forward fails
2 years ago
Daniel García f3beaea9e9
Merge pull request #2933 from stefan0xC/fix-manager-issue
2 years ago
Daniel García 39ae2f1f76
Merge pull request #2928 from karbobc/settings-description
2 years ago
Daniel García 366b1050ec
Merge pull request #2921 from BlackDex/issue-2909
2 years ago
Daniel García b3aab7a6ad
Merge pull request #2920 from BlackDex/issue-2889
2 years ago
Daniel García aa8d050d6b
Merge pull request #2919 from BlackDex/issue-2828
2 years ago
Daniel García 5200f0e98d
Merge pull request #2918 from BlackDex/issue-2761
2 years ago
Stefan Melmuk e27a5be47a
allow managers to set groups of a collection
2 years ago
Karbob 56786a18f1 Update settings description
2 years ago
BlackDex 0d2399d485
Prevent DNS leak when icon regex is configured
2 years ago
BlackDex 5bfc7cfde3
Added missing `register` endpoint to `identity`
2 years ago
BlackDex 723f0cbc1e
Fully remove DuckDuckGo email service.
2 years ago
BlackDex b141f789f6
Set "Bypass admin page security" as read-only
2 years ago
Samuel Tardieu 7445ee40f8 Remove get_random_64()
2 years ago
Samuel Tardieu d0baa23f9a Use constant size generic parameter for random bytes generation
2 years ago
GeekCorner 05d4788d1d
fix: removed a double space
2 years ago
BlackDex 6f0dea1b56
Add `/devices/knowndevice` endpoint
2 years ago
BlackDex 439ef44973
Update Rust version, deps and workflow
2 years ago
BlackDex c9ec389b24
Support Org Export for v2022.11 clients
2 years ago
Jeremy Lin b59809af46
Sync global_domains.json to bitwarden/server@7c783c9 (Atlassian)
2 years ago
Stefan Melmuk ed24d51d3e
validate cron expressions on startup
2 years ago
Stefan Melmuk 870f0d0932
validate billing_email on save
2 years ago
Daniel García 8409b31d6b
Update to diesel2
2 years ago
MFijak 21bc3bfd53 group support
2 years ago
Stefan Melmuk 64ae5d4f81
verify email on registration via invite link
2 years ago
Jeremy Lin 0c267d073f
Sync global_domains.json to bitwarden/server@ea300b2 (Amazon)
2 years ago
Stefan Melmuk 23f1f8a576
allow registration without invite link
2 years ago
Stefan Melmuk 0e6f6e612a
use static_files() for email attachments
2 years ago
Stefan Melmuk 4d1b860dad
attach images to email
2 years ago
Stefan Melmuk 6576914e55
fix invitations of new users when mail is disabled
2 years ago
BlackDex f41ba2a60f
Fix master password hint update not working.
2 years ago
Jeremy Lin 46ec11de12
Update CSP for DuckDuckGo email forwarding
2 years ago
Jeremy Lin 4283a49e0b
Reformat CSP header for readability
2 years ago
Jeremy Lin 1e32db8c41
Add `CreationDate` to cipher response JSON
2 years ago
Stefan Melmuk 2dd5086916
more verbose permission denied error
2 years ago
Stefan Melmuk 7532072d50
add check if data folder is a directory
2 years ago
Stefan Melmuk ef4072e4ff
improve spelling of minimum expiration hours check
2 years ago
Stefan Melmuk c78d383ed1
make invitation expiration time configurable
2 years ago
Stefan Melmuk 5b96270874
return "Object" for consistency
2 years ago
Stefan Melmuk 2c0742387b
return CaptchaBypassToken and register object
2 years ago
Stefan Melmuk 1704d14f29
v2022.9.2 expects a json response when registering
2 years ago
Stefan Melmuk 2d7ffbf378
allow the removal of non-confirmed owners
2 years ago
Stefan Melmuk 475c7b8f16
return more descriptive JWT validation messages
2 years ago
Daniel García 6fa6eb18e8
Remove unused value in config endpoint
2 years ago
BlackDex da9fd6b7d0
Fix organization vault export
2 years ago
BlackDex 9eabcd5cae
Add support for send v2 API endpoints
2 years ago
Aaron d6e0d4cbbd
fix: update warning and success case verbiage
2 years ago
Aaron e5e6db2688
fix: tooltip typo
2 years ago
Stefan Melmuk 102ee3f871
add api_not_found catcher for 404 errors in /api
2 years ago
Stefan Melmuk acb5ab08a8
add not_found catcher for 404 errors
2 years ago
Daniel García 9c891baad1
Merge pull request #2739 from BlackDex/fix-restore-revoke
2 years ago
BlackDex e47a2fd0f3
Rename/Fix revoke/restore endpoints
2 years ago
BlackDex 42b9cc73ac
Fix issue 2737, unable to create org
2 years ago
Daniel García edca4248aa
Use optional env as this variable isn't defined during CI
2 years ago
Daniel García 818b254cef
Implement config endpoint
2 years ago
Daniel García 8b5c945bad
Merge branch 'web-vault-v2022.9-support' of https://github.com/BlackDex/vaultwarden into BlackDex-web-vault-v2022.9-support
2 years ago
BlackDex 94be67eac1
Added support for web-vault v2022.9
2 years ago
BlackDex 5a05139efe
Change the handling of login errors.
2 years ago
Daniel García 7598997deb
Merge branch 'org-user-revoke-access' of https://github.com/BlackDex/vaultwarden into BlackDex-org-user-revoke-access
2 years ago
BlackDex 1722742ab3
Add Org user revoke feature
2 years ago
Hagen Tasche d9c0eb3cfc
Update two external Links to prevent tabnabbing
2 years ago
Hagen Tasche 0d990e1dc0
Open Externallink in new Tab
2 years ago
BlackDex abfa868423
Mitigate attachment/send upload issues
2 years ago
BlackDex 9a787dd105
Fix persistent folder check within containers
2 years ago
BlackDex 0f95bdc9bb
Fix issue with CSP and icon redirects
2 years ago
Daniel García c9376e3126
Remove read_file and read_file_string and replace them with the std alternatives
2 years ago
Daniel García e167798449
Merge branch 'more-clippy-checks' of https://github.com/BlackDex/vaultwarden into BlackDex-more-clippy-checks
2 years ago
Daniel García fc5928772b
Move around comments
2 years ago
BlackDex 55d7c48b1d
Add more clippy checks for better code/readability
3 years ago
Yip Rui Fung bf623eed7f Use if let instead of a match with empty block.
3 years ago
Yip Rui Fung 84bcac0112 Apply rustfmt.
3 years ago
Yip Rui Fung 31595888ea Use match to avoid ownership issues on the TempFile / file_path variables in closures.
3 years ago
Yip Rui Fung 5c38b2c4eb Remove option and use unwrap_or_else to fall back to copy behavior.
3 years ago
Yip Rui Fung ebe9162af9 Add option to make file uploads use move_copy_to instead of persist_to
3 years ago
Daniel García b64cf27038
Upgrade dependencies and swap lettre to async transport
3 years ago
Jeremy Lin 5e13b1a7cb Add `password_hints_allowed` config option
3 years ago
Daniel García 221a11de9b
Merge branch 'log-level-adjustment' of https://github.com/BlackDex/vaultwarden into BlackDex-log-level-adjustment
3 years ago
Daniel García c9934ccdb7
Merge branch 'fix-issue-2570' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2570
3 years ago
Daniel García f1a86acb98
Merge branch 'optimize-icon-html-parsing' of https://github.com/BlackDex/vaultwarden into BlackDex-optimize-icon-html-parsing
3 years ago
Daniel García bf403fee7d
Merge branch 'fix-issue-2566' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2566
3 years ago
BlackDex 45d3b479bc
Small change in log-level for better debugging
3 years ago
BlackDex c7a752b01d
Update dep's and small improvements on favicons
3 years ago
BlackDex 099d359628
Fix identicons not always working
3 years ago
BlackDex 006a2aacbb
Allow FireFox relay in CSP.
3 years ago
BlackDex b71d9dd53e
Fix for issue #2566
3 years ago
Daniel García 887e320e7f
Merge pull request #2555 from jjlin/global-domains
3 years ago
BlackDex 5d05ec58be
Updated deps and misc fixes and updates
3 years ago
Jeremy Lin dec03b3dc0 Sync global_domains.json to bitwarden/server@194b76c (HealthCare.gov)
3 years ago
Jeremy Lin 85950bdc0b Sync global_domains.json to bitwarden/server@496c9a5 (Proton)
3 years ago
BlackDex e33b8fab34
Re-Base, Update crates and small change.
3 years ago
Daniel García b00fbf153e
Fix clippy lint and remove unused log
3 years ago
Daniel García 0de5919a16
Fix incorrect pings sent, and respond to pings from the client
3 years ago
Daniel García 699777be9e
use dashmap in icons blacklist regex
3 years ago
Daniel García 16ff49d712
Move to job_scheduler_ng
3 years ago
Daniel García 54c78cf06d
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies
3 years ago
Daniel García 6b6f5b8d04
Merge branch 'lettre-improvements' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-improvements
3 years ago
Paolo Barbolini 12612da75e Remove manual IDN handling
3 years ago
Paolo Barbolini 68ec5f2a18 Use MultiPart::alternative_plain_html instead of manual impl
3 years ago
Lyonel Martinez dbd95e08e9 Adding "UserEnabled" and "CreatedAt" member to the json output of a User in the admin/users and admin/users/<ID> web routes.
3 years ago
BlackDex 40ed505581
Add a persistent volume check.
3 years ago
BlackDex 1c266031d7
Fix upload limits and disable color logs
3 years ago
Daniel García 2a9ca88c2a
Dependency updates
3 years ago
Daniel García 451ad47327
Merge branch 'db-conn-init' of https://github.com/jjlin/vaultwarden into jjlin-db-conn-init
3 years ago
BlackDex 3ca85028ea
Improve sync speed and updated dep. versions
3 years ago
Jeremy Lin 542a73cc6e Switch to a single config option for database connection init
3 years ago
Jeremy Lin 78d07e2fda Add default connection-scoped pragmas for SQLite
3 years ago
Jeremy Lin b617ffd2af Add support for database connection init statements
3 years ago
Jeremy Lin df8aeb10e8 Add `/api/{alive,now,version}` endpoints
3 years ago
Jeremy Lin 28c5e63bf5 Sync global_domains.json to bitwarden/server@3521ccb (Just Eat Takeaway.com)
3 years ago
BlackDex fb0c23b71f
Remove u2f implementation
3 years ago
Daniel García 81f0c2b0e8
Merge branch 'x-xss-protection' of https://github.com/Wonderfall/vaultwarden into Wonderfall-x-xss-protection
3 years ago
Wonderfall 27d4b713f6 disable legacy X-XSS-Protection feature
3 years ago