vaultwarden

Commit Graph

Author	SHA1	Message	Date
Daniel García	5cabf4d040	Fix IP not shown when failed login (Fixes #761 )	5 years ago
Daniel García	a03db6d224	Also hide options requests, unless using debug or trace	5 years ago
Daniel García	8d1b72b951	Collapsed log messages from 3 lines per request to 2 and hidden the ones valued as less informative. Use LOG_LEVEL debug or trace to recover them. Removed LOG_MOUNTS and bundled it with LOG_LEVEL debug and trace. Removed duplicate error messages Made websocket not proxied message more prominent, but only print it once.	5 years ago
Daniel García	912e1f93b7	Fix some lints	5 years ago
Daniel García	adc443ea80	Add endpoint to delete specific U2F key	5 years ago
Daniel García	0d32179d07	Logout button in admin page	5 years ago
Daniel García	12928b832c	Fix broken tests	5 years ago
Daniel García	1e224220a8	Updated deps and fixed some lints	5 years ago
Daniel García	924ba153aa	Merge pull request #730 from tomuta/email_verification Implement change-email, email-verification, account-recovery, and welcome notifications	5 years ago
tomuta	bd1e8be328	Implement change-email, email-verification, account-recovery, and welcome notifications	5 years ago
Daniel García	4b71197c97	Merge pull request #738 from ntimo/task/add-netcup-global-domains Added netcup domains to global domains	5 years ago
BlackDex	b209c1bc4d	Add an option to fetch and parse href="data:image" Some sites are using base64 encoded inline images for favicons. This will try to match those with some sane checks and return that. These icons will have lower prio then the icons with a normal URL.	5 years ago
ntimo	2b8d08a3f4	Added netcup domains to global domains	5 years ago
Daniel García	cbadf00941	Update web vault to fix twofactorauth.org integration Update dependencies and toolchain Update included equivalent domains with upstream changes	5 years ago
tomuta	64d6f72e6c	Add the ability to disable signups, but allow signups from a whitelist This feature can be enabled by setting SIGNUPS_ALLOWED=false and providing a comma-separated list of whitelisted domains in SIGNUPS_DOMAINS_WHITELIST. Fixes #727	5 years ago
Timo N	b889e5185e	Added tv.apple.com to global domains	5 years ago
BlackDex	3f6809bcdf	Fixed issue/request #705 Added a config option to disable time drifted totp codes. Default is false, since this is what the RFC recommends.	5 years ago
BlackDex	c52adef919	Added configurable smtp timeout. - Added config option for smtp timeout - Lowered default timeout to 15 seconds instead of default 60.	5 years ago
BlackDex	2ffc3eac4d	Clippy fix	5 years ago
BlackDex	0ff7fd939e	Next attempt for issue #709 fix Now creates icon cache directory at startup. And it also creates the directory if it went missing during runtime. Also modified the icon_save/mark_negcache to be one.	5 years ago
BlackDex	ca7c5129b2	Fixed issue #709 creating icon_cache directory. When the icon_cache directory doesn't exists yet, and the first icon catched is a miss this .miss file was not able to be created since the directory was only created during a valid icon download.	5 years ago
Daniel García	b4dfc24040	Merge pull request #703 from patrickli/bugfix/dont-sync-excluded-global-domains Don't include excluded global equivalent domains during sync	5 years ago
Patrick Li	85dbf4e16c	Don't include excluded global equivalent domains during sync Fixes #681	5 years ago
BlackDex	3442eb1b9d	Trying to fix issue #687 - Using an older commit from rocket repo	5 years ago
Daniel García	e449912f05	Generate recovery codes for email and duo	5 years ago
Daniel García	d29b6bee28	Remove unnecessary clones and other clippy fixes	5 years ago
Miro Prasil	00a11b1b78	Stop leaking usernames when SIGNUPS_ALLOWED=false This fixes #691 - respond in less specific way to not leak the fact that user is already registered on the server.	5 years ago
BlackDex	ee550be80c	Added http favicon url when response failed	5 years ago
Daniel García	fccc0a4b05	Update rocket to latest master Downgrade rust version to fix cargo issue Set rustup profile to minimal	5 years ago
Jellyfrog	ebc47dc161	Remove unneeded WS logging	5 years ago
vpl	3b7a5bd102	Move 2FA email config to after SMTP config	5 years ago
vpl	2edecf34ff	Use user_uuid instead of mut twofactor	5 years ago
vpl	18bc8331f9	Send email when preparing 2FA JsonError	5 years ago
BlackDex	603a964579	Fixed issue #663 . During the 2fa activation there is no twofactor record yet. Changed the layout a bit so that it will generate a new twofactor record when it does not exists yet. Else it will just update the already existing record.	5 years ago
Daniel García	dc515b83f3	Merge pull request #657 from BlackDex/totp-timedrift Updated authenticator TOTP	5 years ago
BlackDex	9466f02696	Recoded TOTP time drift validation	5 years ago
BlackDex	2cde814aaa	Fixed a bug with the sqlite backup feature. When a custom path is used the backup feature does not work. Changed it so it will take the path of the sqlite file and use that.	5 years ago
BlackDex	d989a19f76	Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift	5 years ago
Daniel García	d292269ea0	Make the blacklist logic be cached	5 years ago
BlackDex	ebf40099f2	Updated authenticator TOTP - Added security check for previouse used codes - Allow TOTP codes with 1 step back and forward when there is a time drift. This means in total 3 codes could be valid. But only newer codes then the previouse used codes are excepted after that.	5 years ago
BlackDex	edc482c8ea	Changed HIBP Error message. - Moved the manual link to the check to the top. - Clearified that hibp is a payed service. - Changed error logo to hibp logo.	5 years ago
BlackDex	6e5c03cc78	Some modification when no HIBP API Key is set - Added an URL with the useraccount for manual check. - Added support for HTTP(S)_PROXY for hibp.	5 years ago
Daniel García	881c1978eb	Error when the URL scheme doesn't match the database type	5 years ago
Daniel García	662bc27523	Updated dependencies and fixed disable_admin_token description	5 years ago
Daniel García	e6b763026e	Merge branch 'master' into icon-security	5 years ago
Daniel García	c182583e09	Merge pull request #644 from BlackDex/issue-565 Fixed issue #565	5 years ago
Daniel García	d821389c2e	Merge pull request #639 from vverst/cors-update Change CORS headers	5 years ago
BlackDex	be2916333b	Fixed issue #565 Issue fixed by omitting the cookie header when cookie_str is empty	5 years ago
BlackDex	9124d8a3fb	Updated icon blacklisting. - Blacklisting was not effective for redirects and rel href - Able to blacklist non global IP's like RFC1918, multicast etc...	5 years ago
vpl	7b1da527a6	Change CORS headers Only add Allow-Origin to all requests and move the others to preflight OPTIONS request. If Origin is `file://` change it to the wildcard.	5 years ago
Miro Prasil	d6e9af909b	Remove the unnecessary check for sqlite The binary we use is called `sqlite3` so no need to check for other name variants as we won't use those anyways.	5 years ago
Miro Prasil	acdd42935b	Add sqlite binary into the docker images This is done to enable backup functionality in the admin interface while we're waiting for the libsqlite-sys 0.17 to bubble up in the upstream dependencies. Then we can start using `VACUUM INTO` This also extends the check for the sqlite binary to also try `sqlite3` as this is the name of the binary in baseimage distributions we use.	5 years ago
vpl	56f12dc982	Use Access-Control-Allow-Method	5 years ago
Daniel García	4c07f05b3a	Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. Removed unnecessary returns	5 years ago
Michael Powers	f5f9861a78	Adds support for PostgreSQL which resolves #87 and is mentioned in #246 . This includes migrations as well as Dockerfile's for amd64. The biggest change is that replace_into isn't supported by Diesel for the PostgreSQL backend, instead requiring the use of on_conflict. This unfortunately requires a branch for save() on all of the models currently using replace_into.	5 years ago
Daniel García	df8114f8be	Updated client kdf iterations to 100000 and fixed some lints	5 years ago
vpl	5a2f968d7a	Set correct response headers, status code	5 years ago
vpl	16d88402cb	Initial version of CORS support	5 years ago
Daniel García	7dcf18151d	Fix onsubmit	5 years ago
Daniel García	e3404dd322	Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values	5 years ago
Daniel García	bfc517ee80	Remove unused warning	5 years ago
Daniel García	4a7d2a1e28	Rename static files endpoint	5 years ago
Daniel García	c07c9995ea	Merge pull request #555 from vverst/email-codes Add Email 2FA login	5 years ago
ViViDboarder	672a245548	Remove unecessary clone	5 years ago
vpl	5d50b1ee3c	Merge remote-tracking branch 'upstream/master' into email-codes	5 years ago
vpl	c99df1c310	Compare token using crypto::ct_eq	5 years ago
vpl	591ae10144	Get token from single u64	5 years ago
ViViDboarder	2d2745195e	Allow explicitly defined smtp auth mechansim	5 years ago
Daniel García	026f9da035	Allow removing users two factors	5 years ago
Daniel García	d23d4f2c1d	Allow editing HIBP key in the admin panel	5 years ago
Daniel García	515b87755a	Update HIBP to v3, requires paid API key, fixes #583	5 years ago
vpl	ee7837d022	Add option to require new device emails	5 years ago
Daniel García	07743e490b	Ignore error sending device email	5 years ago
BlackDex	e7b6238f43	Added reqwest proxy support	5 years ago
vpl	ad2225b6e5	Add configuration options for Email 2FA	5 years ago
vpl	5609103a97	Use ring to generate email token	5 years ago
vpl	6d460b44b0	Use saved token for email 2fa codes	6 years ago
vpl	efd8d9f528	Remove some unused imports, unneeded mut variables	6 years ago
vpl	29aedd388e	Add email code logic and move two_factor into separate modules	6 years ago
vpl	27e0e41835	Add email authenticator logic	6 years ago
vpl	0b60f20eb3	Add email message for twofactor email codes	6 years ago
Daniel García	c9c3f07171	Updated dependencies and fixed panic getting icons	6 years ago
vpl	df71f57d86	Move send device email to end of password login Send new device email after two factor authentication.	6 years ago
vpl	60e39a9dd1	Move retrieve/new device from connData to separate function	6 years ago
vpl	bc6a53b847	Add new device email when user logs in	6 years ago
Daniel García	05a1137828	Move backend checks to build.rs to fail fast, and updated dependencies	6 years ago
Nick Fox	2e300da057	Fix #468 - Percent-encode the email address in invite link	6 years ago
Cubity_First	6989fc7bdb	Corrected Spelling Changed it from Chache to Cache on Line 207	6 years ago
Daniel García	76f38621de	Update dependencies and remove unwraps from Cipher::to_json	6 years ago
Daniel García	12af32b9ea	Don't print DB URL	6 years ago
Daniel García	9add8e19eb	Update dependencies and remove travis unused feature	6 years ago
Daniel García	5710703c50	Make sure the backup option only appears when using sqlite	6 years ago
Daniel García	1322b876e9	Merge pull request #493 from endyman/feature/initial_mysql_support Initial support for mysql	6 years ago
Daniel García	9ed2ba61c6	Merge pull request #475 from TheMardy/master Create Backup funcitonality	6 years ago
Nils Domrose	62a461ae15	remove syslog from ci, make features flag more clear	6 years ago
Nils Domrose	4859932d35	fixed typo	6 years ago
Nils Domrose	dc36f0cb6c	re-added sqlite check_db code, cleanup	6 years ago
Nils Domrose	ff759397f6	initial mysql support	6 years ago
Emil Madsen	233b48bdad	Fix missing joinable in schema	6 years ago
Emil Madsen	e22e290f67	Fix key and type variable names for mysql	6 years ago

1 2 3 4 5 ...

594 Commits (9b1d07365e92f6f5e9b51b82fd3f30fdcab660b5)