632f4d5453
Whitespace fixes
5 years ago
9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints
5 years ago
0de52c6c99
Merge pull request #957 from jjlin/domain-whitelist
...
Domain whitelist cleanup and fixes
5 years ago
86685c1cd2
Ensure email domain comparison is case-insensitive
5 years ago
0a68de6c24
Warn on empty `ADMIN_TOKEN` instead of bailing out
...
The admin page will still be disabled.
Fixes #849 .
5 years ago
c2a324e5da
Clean up domain whitelist logic
...
* Make `SIGNUPS_DOMAINS_WHITELIST` override the `SIGNUPS_ALLOWED` setting.
Otherwise, a common pitfall is to set `SIGNUPS_DOMAINS_WHITELIST` without
realizing that `SIGNUPS_ALLOWED=false` must also be set.
* Whitespace is now accepted in `SIGNUPS_DOMAINS_WHITELIST`. That is,
`foo.com, bar.com` is now equivalent to `foo.com,bar.com`.
* Add validation on `SIGNUPS_DOMAINS_WHITELIST`. For example, `foo.com,`
is rejected as containing an empty token.
5 years ago
70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
5 years ago
5a974c7b94
Added SMTP test button in the admin gui
...
- Added a test button for checking the e-mail settings.
- Fixed a bug with the _post JavaScript function:
A function was overwriten with a variable and errors were not handled
correctly like a 500 for example.
5 years ago
cd8907542a
Make sure the provided domain contains the protocol and show a useful error when it doesn't
5 years ago
29a0795219
Add backend support for alternate base dir (subdir/subpath) hosting
...
To use this, include a path in the `DOMAIN` URL, e.g.:
* `DOMAIN=https://example.com/custom-path `
* `DOMAIN=https://example.com/multiple/levels/are/ok `
5 years ago
325039c316
Attachment size limits, per-user and per-organization
5 years ago
8867626de8
Add option to change invitation org name, fixes #825
...
Add option to allow additional iframe ancestors, fixes #843
Sort the rocket routes before printing them
5 years ago
480ba933fa
Don't error if admin token is empty but disabled
5 years ago
c4101162d6
SIGNUPS_ALLOWED with no whitelist [ fixes #830 ]
...
This reverts back to `SIGNUPS_ALLOWED` when there is no domain whitelist
set. The functionality was broken in 64d6f72
5 years ago
632d55265b
Merge pull request #824 from tomuta/fix_change_email
...
Fix change email when no whitelist is configured
5 years ago
e277f7d1c1
Fix change email when no whitelist is configured
...
Fixes issue #792
5 years ago
ff7b4a3d38
Update handlebars to 3.0 which included performance improvements.
...
Updated lettre to newer git revision, which should give better error messages now.
5 years ago
d212dfe735
Accept y/n, True/False, 1/0 as booleans in environment vars
5 years ago
88c56de97b
Config option for client IP header
5 years ago
a0ece3754b
Formatting
5 years ago
8d1b72b951
Collapsed log messages from 3 lines per request to 2 and hidden the ones valued as less informative.
...
Use LOG_LEVEL debug or trace to recover them.
Removed LOG_MOUNTS and bundled it with LOG_LEVEL debug and trace.
Removed duplicate error messages
Made websocket not proxied message more prominent, but only print it once.
5 years ago
1e224220a8
Updated deps and fixed some lints
5 years ago
bd1e8be328
Implement change-email, email-verification, account-recovery, and welcome notifications
5 years ago
64d6f72e6c
Add the ability to disable signups, but allow signups from a whitelist
...
This feature can be enabled by setting SIGNUPS_ALLOWED=false and
providing a comma-separated list of whitelisted domains in
SIGNUPS_DOMAINS_WHITELIST.
Fixes #727
5 years ago
3f6809bcdf
Fixed issue/request #705
...
Added a config option to disable time drifted totp codes.
Default is false, since this is what the RFC recommends.
5 years ago
c52adef919
Added configurable smtp timeout.
...
- Added config option for smtp timeout
- Lowered default timeout to 15 seconds instead of default 60.
5 years ago
d29b6bee28
Remove unnecessary clones and other clippy fixes
5 years ago
3b7a5bd102
Move 2FA email config to after SMTP config
5 years ago
881c1978eb
Error when the URL scheme doesn't match the database type
5 years ago
662bc27523
Updated dependencies and fixed disable_admin_token description
5 years ago
9124d8a3fb
Updated icon blacklisting.
...
- Blacklisting was not effective for redirects and rel href
- Able to blacklist non global IP's like RFC1918, multicast etc...
5 years ago
e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
5 years ago
c07c9995ea
Merge pull request #555 from vverst/email-codes
...
Add Email 2FA login
5 years ago
5d50b1ee3c
Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
591ae10144
Get token from single u64
5 years ago
2d2745195e
Allow explicitly defined smtp auth mechansim
5 years ago
d23d4f2c1d
Allow editing HIBP key in the admin panel
5 years ago
515b87755a
Update HIBP to v3, requires paid API key, fixes #583
5 years ago
ee7837d022
Add option to require new device emails
5 years ago
ad2225b6e5
Add configuration options for Email 2FA
5 years ago
0b60f20eb3
Add email message for twofactor email codes
5 years ago
bc6a53b847
Add new device email when user logs in
5 years ago
6989fc7bdb
Corrected Spelling
...
Changed it from Chache to Cache on Line 207
6 years ago
9add8e19eb
Update dependencies and remove travis unused feature
6 years ago
dc36f0cb6c
re-added sqlite check_db code, cleanup
6 years ago
ff759397f6
initial mysql support
6 years ago
ab95a69dc8
Rework migrations for MySQL
6 years ago
85c8a01f4a
Merge branch 'master' of github.com:Skeen/bitwarden_rs
6 years ago
42af7c6dab
MySQL database
6 years ago
8d9827c55f
Implement selection between global config and user settings for duo keys.
6 years ago
theycallmesteve
Daniel García
Jeremy Lin
Jeremy Lin
BlackDex
Miro Prasil
tomuta
vpl
ViViDboarder
Cubity_First
Nils Domrose
Nils Domrose
Emil Madsen