9124d8a3fb
Updated icon blacklisting.
...
- Blacklisting was not effective for redirects and rel href
- Able to blacklist non global IP's like RFC1918, multicast etc...
5 years ago
7b1da527a6
Change CORS headers
...
Only add Allow-Origin to all requests and move the others to preflight OPTIONS request.
If Origin is `file://` change it to the wildcard.
5 years ago
d6e9af909b
Remove the unnecessary check for sqlite
...
The binary we use is called `sqlite3` so no need to check for other
name variants as we won't use those anyways.
5 years ago
acdd42935b
Add sqlite binary into the docker images
...
This is done to enable backup functionality in the admin interface while
we're waiting for the libsqlite-sys 0.17 to bubble up in the upstream
dependencies. Then we can start using `VACUUM INTO`
This also extends the check for the sqlite binary to also try `sqlite3`
as this is the name of the binary in baseimage distributions we use.
5 years ago
56f12dc982
Use Access-Control-Allow-Method
5 years ago
4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
...
Removed unnecessary returns
5 years ago
f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246 .
...
This includes migrations as well as Dockerfile's for amd64.
The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
5 years ago
df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
5 years ago
5a2f968d7a
Set correct response headers, status code
5 years ago
16d88402cb
Initial version of CORS support
5 years ago
7dcf18151d
Fix onsubmit
5 years ago
e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
5 years ago
bfc517ee80
Remove unused warning
5 years ago
4a7d2a1e28
Rename static files endpoint
5 years ago
c07c9995ea
Merge pull request #555 from vverst/email-codes
...
Add Email 2FA login
5 years ago
672a245548
Remove unecessary clone
5 years ago
5d50b1ee3c
Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
c99df1c310
Compare token using crypto::ct_eq
5 years ago
591ae10144
Get token from single u64
5 years ago
2d2745195e
Allow explicitly defined smtp auth mechansim
5 years ago
026f9da035
Allow removing users two factors
5 years ago
d23d4f2c1d
Allow editing HIBP key in the admin panel
5 years ago
515b87755a
Update HIBP to v3, requires paid API key, fixes #583
5 years ago
ee7837d022
Add option to require new device emails
5 years ago
07743e490b
Ignore error sending device email
5 years ago
e7b6238f43
Added reqwest proxy support
5 years ago
ad2225b6e5
Add configuration options for Email 2FA
5 years ago
5609103a97
Use ring to generate email token
5 years ago
6d460b44b0
Use saved token for email 2fa codes
5 years ago
efd8d9f528
Remove some unused imports, unneeded mut variables
5 years ago
29aedd388e
Add email code logic and move two_factor into separate modules
5 years ago
27e0e41835
Add email authenticator logic
5 years ago
0b60f20eb3
Add email message for twofactor email codes
5 years ago
c9c3f07171
Updated dependencies and fixed panic getting icons
5 years ago
df71f57d86
Move send device email to end of password login
...
Send new device email after two factor authentication.
5 years ago
60e39a9dd1
Move retrieve/new device from connData to separate function
5 years ago
bc6a53b847
Add new device email when user logs in
5 years ago
05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies
5 years ago
2e300da057
Fix #468 - Percent-encode the email address in invite link
5 years ago
6989fc7bdb
Corrected Spelling
...
Changed it from Chache to Cache on Line 207
6 years ago
76f38621de
Update dependencies and remove unwraps from Cipher::to_json
6 years ago
12af32b9ea
Don't print DB URL
6 years ago
9add8e19eb
Update dependencies and remove travis unused feature
6 years ago
5710703c50
Make sure the backup option only appears when using sqlite
6 years ago
1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support
...
Initial support for mysql
6 years ago
9ed2ba61c6
Merge pull request #475 from TheMardy/master
...
Create Backup funcitonality
6 years ago
62a461ae15
remove syslog from ci, make features flag more clear
6 years ago
4859932d35
fixed typo
6 years ago
dc36f0cb6c
re-added sqlite check_db code, cleanup
6 years ago
ff759397f6
initial mysql support
6 years ago
233b48bdad
Fix missing joinable in schema
6 years ago
e22e290f67
Fix key and type variable names for mysql
6 years ago
ab95a69dc8
Rework migrations for MySQL
6 years ago
85c8a01f4a
Merge branch 'master' of github.com:Skeen/bitwarden_rs
6 years ago
42af7c6dab
MySQL database
6 years ago
4f45cc081f
Update ring to 0.14, jwt to 6.0, and u2f
6 years ago
ef551f4cc6
Create Backup funcitonality
...
Added create backup functionality to the admin panel
6 years ago
5521a86693
Change path for served images to avoid collision with vault images
6 years ago
3160780549
Merge pull request #401 from TheMardy/master
...
Images in Email Templates
6 years ago
f0701657a9
Changed to Bitwarden_RS Logo
6 years ago
874f5c34bd
Formatting
6 years ago
253faaf023
Use users duo host when required, instead of always using the global one
6 years ago
3d843a6a51
Merge pull request #460 from janost/organization-vault-purge
...
Fixed purging organization vault
6 years ago
03fdf36bf9
Fixed purging organization vault
6 years ago
fdcc32beda
Validate Duo credentials when custom
6 years ago
bf20355c5e
Merge branch 'duo'
6 years ago
0136c793b4
Implement better user status API, in the future we'll probably want a way to disable users.
...
We should migrate from the empty password hash to a separate column then.
6 years ago
2e12114350
Always create the user when inviting from admin panel
6 years ago
d3a8a278e6
Add new endpoint for retrieving all users
6 years ago
8d9827c55f
Implement selection between global config and user settings for duo keys.
6 years ago
cad63f9761
Auto generate akey
6 years ago
bf446f44f9
Enable DATA_FOLDER to affect default CONFIG_FILE path
6 years ago
621f607297
Update dependencies and fix some warnings
6 years ago
754087b990
Add global duo config and document options in .env template
6 years ago
cfbeb56371
Implement user duo, initial version
...
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
6 years ago
c5832f2b30
With the latest fern, syslog can be a config option instead of a build flag
6 years ago
2475c36a75
Implement log_level config option
6 years ago
c384f9c0ca
Set default log level to Info, we don't use debug anyway and it just fills the logs with other crates info.
6 years ago
6b686c18f7
Fixed long e-mail message extending 1000 lines.
...
- Added quoted_printable crate to encode the e-mail messages.
- Change the way the e-mail gets build to use custom part headers.
6 years ago
7976d39d9d
Adjust whitespace
6 years ago
5ee9676941
Break up long line to stop SMTP from breaking
6 years ago
4b40cda910
Added domain blacklist regex for icons service and improved valid domain check.
...
Reorganized the icons code a bit.
6 years ago
4689ed7b30
Changed uppercase deserializer to avoid a clone.
6 years ago
61515160a7
Allow changing error codes and create an empty error.
...
Return 404 instead of 400 when no accounts breached.
6 years ago
e93538cea9
Add option to use wrapped TLS in email, instead of STARTTLS upgrade
6 years ago
b4244b28b6
Update admin page scripts and fixed broken tooltip
6 years ago
43f9038325
Add option to force resync clients in admin panel
6 years ago
339044f8aa
Add warning about config panel values overriding env vars.
6 years ago
0718a090e1
Trim spaces from admin token during authentication and validate that the admin panel token is not empty
6 years ago
9e1f030a80
Explicitly close SMTP connection in case of error.
6 years ago
04922f6aa0
Some formatting and dependency updates
6 years ago
7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
...
Added newlines to config options to keep them a reasonable length.
6 years ago
10756b0920
Update dependencies and fix some lints
6 years ago
d156170971
Minor typo fix conect => connect
6 years ago
473f8b8e31
remove some unneeded mutability
6 years ago
5794969f5b
Merge pull request #406 from shauder/feature/disable-admin-token
...
Allow the Admin token to be disabled in the advanced menu
6 years ago
8b5b06c3d1
Allow the Admin token to be disabled in the advanced menu
6 years ago
b50c27b619
Print a warning when an env variable is being overriden by the config file, and reorganize the main file a bit.
...
Modified the JWT key generation, now it should also show the output of OpenSSL in the logs.
6 years ago
5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints
6 years ago
bf6ae91a6d
Remove margins on small devices
6 years ago
828e3a5795
Add extra padding when the toolbar collapses in small devices
6 years ago
7b5bcd45f8
Show read-only options in the config panel and the env variable names in the tooltips
6 years ago
0b903fc5f4
Extended the template file and refer to wiki
6 years ago
4df686f49e
Add an option to not enable WAL (should help in #399 )
6 years ago
d7eeaaf249
Escape user data from admin panel when calling JS
6 years ago
84fb6aaddb
Set correct MIME type
6 years ago
a744b9437a
Implemented multiple U2f keys, key names, and compromised checks
6 years ago
6027b969f5
Delete old devices when deauthorizing user sessions
6 years ago
93805a5d7b
Fix Yubikeys deleted on error
6 years ago
8526055bb7
Added images to email templates
6 years ago
a79334ea4c
Added static email image routes
6 years ago
d3773a433a
Removed list of mounted routes at startup by default, with option to add it back. This would get annoying when starting the server frequently, because it printed ~130 lines of mostly useless info
6 years ago
0f0a87becf
Add version to initial message
6 years ago
3b27dbb0aa
Added config option for icon download timeout
6 years ago
9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
6 years ago
79fdfd6524
Add missing url parameter
6 years ago
d086a99e5b
Implemented HTML emails with text alternative
6 years ago
22b0b95209
Added HTML templates (+14 squashed commit)
...
Squashed commit:
[ece2260] Plaintext send_org_invite
[01d4884] Plaintext pw_hint_some
[6ce5173] Plaintext pw_hint_none
[881af3e] Plaintext invite_confirmed
[ce78621] Plaintext invite_accepted
[13a44a4] Rename send_org_invite.hbs to send_org_invite.html.hbs
[b52bf2f] Rename pw_hint_some.hbs to pw_hint_some.html.hbs
[e0d1aeb] Rename pw_hint_none.hbs to pw_hint_none.html.hbs
[898dbcd] Rename invite_confirmed.hbs to invite_confirmed.html.hbs
[107af31] Rename invite_accepted.hbs to invite_accepted.html.hbs
[d26d662] Updated send_org_invite template
[71f47af] Updated pw_hint_some template
[c2ca3c2] Updated pw_hint_none template
[50f8bfb] Updated invite_accepted template
[17f96f8] Updated invite_confirmed template
6 years ago
28d1588e73
Show version in admin panel
6 years ago
f3b1a5ff3e
Error when admin panel is disabled
6 years ago
330e90a6ac
Hide secrets in config panel
6 years ago
820c8b0dce
Change use of deserialize_with for Option iterator
6 years ago
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query
6 years ago
ef63342e20
Add reset user config button
6 years ago
89840790e7
Fix .env path traversal issue
6 years ago
a72809b225
Yubico and SMTP enable/disable master switches
6 years ago
9976e4736e
Add groups
6 years ago
dc92f07232
Added env variable to select config file. Initial work towards groups and added tooltips with descriptions and nicer names
6 years ago
3db815b969
Implemented config form and fixed config priority
6 years ago
ade293cf52
Save config
6 years ago
877408b808
Implement basic config loading and updating. No save to file yet.
6 years ago
86ed75bf7c
Config can now be serialized / deserialized
6 years ago
20d8d800f3
Updated dependencies
6 years ago
08ca47cadb
Update revision when adding or removing cipher from collection
6 years ago
5272b465cc
Update revision of affected users when deleting Collection
6 years ago
637f655b6f
Do not allocate uneccessary Vec
6 years ago
b3f7394c06
Do not update revision at the end, as we already did that
6 years ago
1a5ecd4d4a
cipher does not need to be mutable
6 years ago
bd65c4e312
Remove superfluous cipher.save() call
6 years ago
bce656c787
Retry updating revision - fixes #383
6 years ago
9026cc8d42
Fixed issue when the iconlist is smaller then 5
...
When the iconlist was smaller then 5 items, it would cause a panic.
Solved by using .truncate() on the iconlist.
6 years ago
574b040142
Loop through the iconlist until an icon is found
...
Loop for a maximum of 5 times through the iconlist or until a
successful download of an icon.
6 years ago
c13f115473
Fixed issue #380
...
- Created a separate function for parsing the sizes attribute
- Parsing sizes now with regex
- Should work with any non-digit separator
6 years ago
bc461d9baa
Some small changes on the iter of the cookies
6 years ago
5016e30cf2
Added cookies to the icon download request.
...
Some sites use XSRF Tokens, or other Tokens to verify a subseqense
response. The cookies which are sent during the page request are now
used when downloading the favicon.
A site which uses this is mijn.ing.nl.
6 years ago
f42ac5f2c0
Update web vault error message
6 years ago
2a60414031
Reuse the client between requests, and use the client when downloading the icons themselves
6 years ago
feb74a5e86
Changed the way to fix the href
...
- Using url from reqwest to fix href, this fixes:
+ "//domain.com/icon.png"
+ "relative/path/to/icon.png"
+ "/absolute/path/to/icon.png"
- Removed fix_href function
- Some variable changes
6 years ago
c0e350b734
Disable icon downloads, accept optional query after icon href, format and clippy fixes
6 years ago
bef1183c49
Only send one notification per vault import and purge, improve move ciphers functions
6 years ago
f935f5cf46
Remove local icon extractor
6 years ago
07388d327f
Merge pull request #370 from BlackDex/favicons
...
Added better favicon downloader.
6 years ago
4de16b2d17
Removed unwrap and added ?
6 years ago
da068a43c1
Moved function call to get_icon_url to prevent error bubbeling
6 years ago
9657463717
Added better favicon downloader.
6 years ago
69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page.
6 years ago
700e084101
Add 2FA icon to admin panel
6 years ago
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
...
Improved some two factor methods.
6 years ago
86de0ca17b
Fix editing users from collections menu
6 years ago
fc0e239bdf
No point calling find_by_uuid now we don't use the result.
6 years ago
928ad6c1d8
Fix the list of users with access to a collection to display correctly.
...
https://github.com/dani-garcia/bitwarden_rs/issues/364
6 years ago
ddd49596ba
Fix invite empty email
6 years ago
b8cabadd43
Fix admin page links
6 years ago
ce42b07a80
Update Diesel to 1.4 and other dependencies
6 years ago
bfd93e5b13
Show organizations in admin panel, implement reload templates option
6 years ago
a797459560
Implement HIBP check [WIP].
...
Add extra security attributes to admin cookie.
Error handling.
6 years ago
6cbb683f99
Rename admin templates to match email
6 years ago
92bbb98d48
Created base template
6 years ago
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
6 years ago
97aa407fe4
Move email templates to subfolder
6 years ago
d8116a80df
Add Feature-Policy header
6 years ago
e0aec8d373
Use new i64::to_be_bytes and remove byteorder dep
...
(https://doc.rust-lang.org/stable/std/primitive.i64.html#method.to_be_bytes )
6 years ago
1ce2587330
Correct update cipher order: first save cipher, then cipher-folder, then notify
6 years ago
71a10e0378
Fix sharing the item to organization.
6 years ago
9bf13b7872
Can't return inside multipart closure
6 years ago
d420992f8c
Update some function calls to use ?
6 years ago
c259a0e3e2
Save recovery code when using yubikey and stop repeating headers.user everywhere
6 years ago
432be274ba
Improve org mismatch check, consider different orgs
6 years ago
484bf5b703
Check that the client is not updating an outdated cipher, that should be part of an org now
6 years ago
4bf32af60e
Fix folder notifications, enable template strict mode and add missing option to env template
6 years ago
0e4a746eeb
Added SMTP_FROM_NAME
6 years ago
2fe919cc5e
Embed the default templates
6 years ago
bcd750695f
Default to $data_folder/templates and remove dev option (use `TEMPLATES_FOLDER=src/static/templates` instead)
6 years ago
19b6bb0fd6
Initial stab at templates
6 years ago
f571df7367
Revert yubikey feature, not needed anymore
6 years ago
de51bc782e
Updated dependencies, removing need for yubico fork
6 years ago
c5aef60bd7
Implement unofficial warning message
6 years ago
6f52104324
Fix casing error in Attachment, should fix 'Attachment doesn't exist' errors
6 years ago
1d7f704754
Send CipherUpdate when adding and deleting attachments
6 years ago
1d034749f7
Fix AArch64 build by disabling yubico
6 years ago
320266606e
Implement put collections
6 years ago
a0a08c4c5a
Include IP in invalid admin token error
6 years ago
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
...
Disallow users from accepting invitation twice
6 years ago
f1161c65fb
Make sure an invitation is created when reinviting
6 years ago
50eeb4f651
Remove whitespace before processing tokens
6 years ago
21b85b78b1
Changed reinvite check and removed obsolete comment
6 years ago
673adde9f1
Make the admin retype the user name before deleting
6 years ago
c9063a06b4
Print unauthorized error message
6 years ago
5e37471488
Merge pull request #323 from njfox/invite_accepted_email
...
Send email notifications when invitations are accepted/confirmed
6 years ago
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional
6 years ago
BlackDex
vpl
Miro Prasil
Daniel García
Michael Powers
ViViDboarder
Nick Fox
Cubity_First
Nils Domrose
Nils Domrose
Emil Madsen
TheMardy
janost
Frank Petrilli
Дамјан Георгиевски
Shane Faulkner
Miroslav Prasil
TheMardy
TheMardy
Stephen White
TBK