Daniel García
7a6a3e4160
Set the cargo version and allow changing it during build time with BWRS_VERSION.
...
Also renamed GIT_VERSION because that's not the only source anymore.
5 years ago
BlackDex
37b212427c
Updated jsonwebtoken
...
Updated to the latest version of jsonwebtoken.
Some small code changes to match the new versions.
5 years ago
Daniel García
70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
5 years ago
BlackDex
5a974c7b94
Added SMTP test button in the admin gui
...
- Added a test button for checking the e-mail settings.
- Fixed a bug with the _post JavaScript function:
A function was overwriten with a variable and errors were not handled
correctly like a 500 for example.
5 years ago
Daniel García
2f4a9865e1
Use absolute paths in the admin page
5 years ago
Jeremy Lin
29a0795219
Add backend support for alternate base dir (subdir/subpath) hosting
...
To use this, include a path in the `DOMAIN` URL, e.g.:
* `DOMAIN=https://example.com/custom-path `
* `DOMAIN=https://example.com/multiple/levels/are/ok `
5 years ago
Miroslav Prasil
0a72c4b6db
Do not disable invitations via admin API
...
This was brought up today:
https://github.com/dani-garcia/bitwarden_rs/issues/752#issuecomment-586715073
I don't think it makes much sense in checking whether admin has the
right to send invitation as admin can change the setting anyway.
Removing the condition allows users to forbid regular users from
inviting new users to server while still preserving the option to do so
via the admin API.
5 years ago
Daniel García
8867626de8
Add option to change invitation org name, fixes #825
...
Add option to allow additional iframe ancestors, fixes #843
Sort the rocket routes before printing them
5 years ago
Daniel García
a0ece3754b
Formatting
5 years ago
Daniel García
0d32179d07
Logout button in admin page
5 years ago
Miro Prasil
d6e9af909b
Remove the unnecessary check for sqlite
...
The binary we use is called `sqlite3` so no need to check for other
name variants as we won't use those anyways.
5 years ago
Miro Prasil
acdd42935b
Add sqlite binary into the docker images
...
This is done to enable backup functionality in the admin interface while
we're waiting for the libsqlite-sys 0.17 to bubble up in the upstream
dependencies. Then we can start using `VACUUM INTO`
This also extends the check for the sqlite binary to also try `sqlite3`
as this is the name of the binary in baseimage distributions we use.
5 years ago
Daniel García
026f9da035
Allow removing users two factors
5 years ago
Daniel García
5710703c50
Make sure the backup option only appears when using sqlite
6 years ago
TheMardy
ef551f4cc6
Create Backup funcitonality
...
Added create backup functionality to the admin panel
6 years ago
Daniel García
874f5c34bd
Formatting
6 years ago
Daniel García
2e12114350
Always create the user when inviting from admin panel
6 years ago
ViViDboarder
d3a8a278e6
Add new endpoint for retrieving all users
6 years ago
Daniel García
43f9038325
Add option to force resync clients in admin panel
6 years ago
Daniel García
0718a090e1
Trim spaces from admin token during authentication and validate that the admin panel token is not empty
6 years ago
Daniel García
04922f6aa0
Some formatting and dependency updates
6 years ago
Дамјан Георгиевски
473f8b8e31
remove some unneeded mutability
6 years ago
Shane Faulkner
8b5b06c3d1
Allow the Admin token to be disabled in the advanced menu
6 years ago
Daniel García
6027b969f5
Delete old devices when deauthorizing user sessions
6 years ago
Daniel García
9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
6 years ago
Daniel García
28d1588e73
Show version in admin panel
6 years ago
Daniel García
f3b1a5ff3e
Error when admin panel is disabled
6 years ago
Daniel García
ef63342e20
Add reset user config button
6 years ago
Daniel García
3db815b969
Implemented config form and fixed config priority
6 years ago
Daniel García
ade293cf52
Save config
6 years ago
Daniel García
877408b808
Implement basic config loading and updating. No save to file yet.
6 years ago
Daniel García
86ed75bf7c
Config can now be serialized / deserialized
6 years ago
Daniel García
c0e350b734
Disable icon downloads, accept optional query after icon href, format and clippy fixes
6 years ago
Daniel García
69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page.
6 years ago
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
...
Improved some two factor methods.
6 years ago
Daniel García
bfd93e5b13
Show organizations in admin panel, implement reload templates option
6 years ago
Daniel García
a797459560
Implement HIBP check [WIP].
...
Add extra security attributes to admin cookie.
Error handling.
6 years ago
Daniel García
6cbb683f99
Rename admin templates to match email
6 years ago
Daniel García
92bbb98d48
Created base template
6 years ago
Daniel García
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
6 years ago
Daniel García
a0a08c4c5a
Include IP in invalid admin token error
6 years ago
Daniel García
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
...
Disallow users from accepting invitation twice
6 years ago
Nick Fox
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional
6 years ago
Nick Fox
cec28a85ac
Update admin page to work with new invitation flow
6 years ago
Daniel García
b2fc0499f6
Finish invite functionality, and remove virtual organization
6 years ago
Daniel García
6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
...
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
6 years ago
Daniel García
1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
6 years ago
Daniel García
5fecf09631
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
6 years ago