530 Commits (c5b7447dac3aa7620f039d2849d0fa149105adf4)

Author	SHA1	Message	Date
tomuta	64d6f72e6c	Add the ability to disable signups, but allow signups from a whitelist ... This feature can be enabled by setting SIGNUPS_ALLOWED=false and providing a comma-separated list of whitelisted domains in SIGNUPS_DOMAINS_WHITELIST. Fixes #727	5 years ago
Timo N	b889e5185e	Added tv.apple.com to global domains	5 years ago
BlackDex	3f6809bcdf	Fixed issue/request #705 ... Added a config option to disable time drifted totp codes. Default is false, since this is what the RFC recommends.	5 years ago
BlackDex	c52adef919	Added configurable smtp timeout. ... - Added config option for smtp timeout - Lowered default timeout to 15 seconds instead of default 60.	5 years ago
BlackDex	2ffc3eac4d	Clippy fix	5 years ago
BlackDex	0ff7fd939e	Next attempt for issue #709 fix ... Now creates icon cache directory at startup. And it also creates the directory if it went missing during runtime. Also modified the icon_save/mark_negcache to be one.	5 years ago
BlackDex	ca7c5129b2	Fixed issue #709 creating icon_cache directory. ... When the icon_cache directory doesn't exists yet, and the first icon catched is a miss this .miss file was not able to be created since the directory was only created during a valid icon download.	5 years ago
Daniel García	b4dfc24040	Merge pull request #703 from patrickli/bugfix/dont-sync-excluded-global-domains ... Don't include excluded global equivalent domains during sync	5 years ago
Patrick Li	85dbf4e16c	Don't include excluded global equivalent domains during sync ... Fixes #681	5 years ago
BlackDex	3442eb1b9d	Trying to fix issue #687 ... - Using an older commit from rocket repo	5 years ago
Daniel García	e449912f05	Generate recovery codes for email and duo	5 years ago
Daniel García	d29b6bee28	Remove unnecessary clones and other clippy fixes	5 years ago
Miro Prasil	00a11b1b78	Stop leaking usernames when SIGNUPS_ALLOWED=false ... This fixes #691 - respond in less specific way to not leak the fact that user is already registered on the server.	5 years ago
BlackDex	ee550be80c	Added http favicon url when response failed	5 years ago
Daniel García	fccc0a4b05	Update rocket to latest master ... Downgrade rust version to fix cargo issue Set rustup profile to minimal	5 years ago
Jellyfrog	ebc47dc161	Remove unneeded WS logging	5 years ago
vpl	3b7a5bd102	Move 2FA email config to after SMTP config	5 years ago
vpl	2edecf34ff	Use user_uuid instead of mut twofactor	5 years ago
vpl	18bc8331f9	Send email when preparing 2FA JsonError	5 years ago
BlackDex	603a964579	Fixed issue #663. ... During the 2fa activation there is no twofactor record yet. Changed the layout a bit so that it will generate a new twofactor record when it does not exists yet. Else it will just update the already existing record.	5 years ago
Daniel García	dc515b83f3	Merge pull request #657 from BlackDex/totp-timedrift ... Updated authenticator TOTP	5 years ago
BlackDex	9466f02696	Recoded TOTP time drift validation	5 years ago
BlackDex	2cde814aaa	Fixed a bug with the sqlite backup feature. ... When a custom path is used the backup feature does not work. Changed it so it will take the path of the sqlite file and use that.	5 years ago
BlackDex	d989a19f76	Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift	5 years ago
Daniel García	d292269ea0	Make the blacklist logic be cached	5 years ago
BlackDex	ebf40099f2	Updated authenticator TOTP ... - Added security check for previouse used codes - Allow TOTP codes with 1 step back and forward when there is a time drift. This means in total 3 codes could be valid. But only newer codes then the previouse used codes are excepted after that.	5 years ago
BlackDex	edc482c8ea	Changed HIBP Error message. ... - Moved the manual link to the check to the top. - Clearified that hibp is a payed service. - Changed error logo to hibp logo.	5 years ago
BlackDex	6e5c03cc78	Some modification when no HIBP API Key is set ... - Added an URL with the useraccount for manual check. - Added support for HTTP(S)_PROXY for hibp.	5 years ago
Daniel García	881c1978eb	Error when the URL scheme doesn't match the database type	5 years ago
Daniel García	662bc27523	Updated dependencies and fixed disable_admin_token description	5 years ago
Daniel García	e6b763026e	Merge branch 'master' into icon-security	5 years ago
Daniel García	c182583e09	Merge pull request #644 from BlackDex/issue-565 ... Fixed issue #565	5 years ago
Daniel García	d821389c2e	Merge pull request #639 from vverst/cors-update ... Change CORS headers	5 years ago
BlackDex	be2916333b	Fixed issue #565 ... Issue fixed by omitting the cookie header when cookie_str is empty	5 years ago
BlackDex	9124d8a3fb	Updated icon blacklisting. ... - Blacklisting was not effective for redirects and rel href - Able to blacklist non global IP's like RFC1918, multicast etc...	5 years ago
vpl	7b1da527a6	Change CORS headers ... Only add Allow-Origin to all requests and move the others to preflight OPTIONS request. If Origin is `file://` change it to the wildcard.	5 years ago
Miro Prasil	d6e9af909b	Remove the unnecessary check for sqlite ... The binary we use is called `sqlite3` so no need to check for other name variants as we won't use those anyways.	5 years ago
Miro Prasil	acdd42935b	Add sqlite binary into the docker images ... This is done to enable backup functionality in the admin interface while we're waiting for the libsqlite-sys 0.17 to bubble up in the upstream dependencies. Then we can start using `VACUUM INTO` This also extends the check for the sqlite binary to also try `sqlite3` as this is the name of the binary in baseimage distributions we use.	5 years ago
vpl	56f12dc982	Use Access-Control-Allow-Method	5 years ago
Daniel García	4c07f05b3a	Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. ... Removed unnecessary returns	5 years ago
Michael Powers	f5f9861a78	Adds support for PostgreSQL which resolves #87 and is mentioned in #246. ... This includes migrations as well as Dockerfile's for amd64. The biggest change is that replace_into isn't supported by Diesel for the PostgreSQL backend, instead requiring the use of on_conflict. This unfortunately requires a branch for save() on all of the models currently using replace_into.	5 years ago
Daniel García	df8114f8be	Updated client kdf iterations to 100000 and fixed some lints	5 years ago
vpl	5a2f968d7a	Set correct response headers, status code	5 years ago
vpl	16d88402cb	Initial version of CORS support	5 years ago
Daniel García	7dcf18151d	Fix onsubmit	5 years ago
Daniel García	e3404dd322	Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values	5 years ago
Daniel García	bfc517ee80	Remove unused warning	5 years ago
Daniel García	4a7d2a1e28	Rename static files endpoint	5 years ago
Daniel García	c07c9995ea	Merge pull request #555 from vverst/email-codes ... Add Email 2FA login	5 years ago
ViViDboarder	672a245548	Remove unecessary clone	5 years ago