Commit Graph

922 Commits (cee3fd5ba284f376cd05755dbc9cd6b7ded297ed)

Author SHA1 Message Date
Daniel García 013d4c28b2
Try to fix #1218
4 years ago
Jeremy Lin 95caaf2a40 Add missing admin endpoints for deleting ciphers
4 years ago
Fabian van Steen b41a0d840c
Correction of verify_email error message
4 years ago
Rob Watson b9daa59e5d Add DATABASE_MAX_CONNS config setting
4 years ago
Daniel García 448e6ac917
Invalidate sessions when changing password or kdf values
4 years ago
Daniel García 729c9cff41
Retry initial db connection, with adjustable option
4 years ago
Mathijs van Veluw c698bca2b9
Merge branch 'master' into mariadb-fk-issues
4 years ago
BlackDex c64560016e Add /api/accounts/verify-password endpoint
4 years ago
BlackDex 978be0b4a9 Fixed foreign-key (mariadb) errors.
4 years ago
Daniel García 2f3e18caa9
Merge pull request #1146 from BlackDex/user-orgs-table-enhancement
4 years ago
BlackDex 6a291040bd As requested here: https://bitwardenrs.discourse.group/t/searchable-user-list-on-admin-panel/299
4 years ago
BlackDex f847c6e225 Updated the config options descriptions.
4 years ago
Daniel García 99da5fbebb
Merge pull request #1143 from BlackDex/better-lettre-errors
4 years ago
BlackDex 6a0d024c69 Format some common Lettre errors a bit simpler
4 years ago
BlackDex 9a47821642 Fixed creating a new organization
4 years ago
Daniel García d69968313b
Merge pull request #1140 from jjlin/UserOrgType-cmp
4 years ago
Daniel García 3c377d97dc
Merge pull request #1137 from BlackDex/smtp-multi-auth-mechanism
4 years ago
Jeremy Lin 0eee907c88 Simplify implementation of `UserOrgType::cmp()`
4 years ago
BlackDex c877583979 Allow multiple SMTP Auth meganisms.
4 years ago
BlackDex 844cf70345 Updated lettre (and other crates) and workflow.
4 years ago
Daniel García a0d92a167c
Merge pull request #1125 from jjlin/org-cipher-visibility
4 years ago
Jeremy Lin 4c3b328aca Hide ciphers from non-selected collections for org owners/admins
4 years ago
aaxdev 260ffee093 Improving code
4 years ago
aaxdev c59cfe3371 Fix MsgPack headers and support mobile SignalR
4 years ago
Daniel García 0822c0c128
Update admin page dependencies
4 years ago
Daniel García aaba1e8368
Fix some clippy warnings and remove unused function
4 years ago
Jeremy Lin 175d647e47 Delete associated favorites when deleting a cipher or user
4 years ago
Daniel García 0365b7c6a4
Add support for multiple simultaneous database features by using macros.
4 years ago
Daniel García 19889187a5
Merge pull request #1106 from jjlin/favorites
4 years ago
Daniel García 9571277c44
Merge pull request #1112 from jjlin/token-size-docs
4 years ago
Daniel García a202da9e23
Merge pull request #1099 from jjlin/global-domains
4 years ago
Jeremy Lin c05dc50f53 Add more docs on the `email_token_size` setting
4 years ago
Jeremy Lin d9684bef6b Generate tokens more simply and uniformly
4 years ago
Jeremy Lin db0c45c172 Sync global_domains.json to bitwarden/server@8383a08 (Yandex)
4 years ago
Jeremy Lin ad4393e3f7 Sync global_domains.json to bitwarden/server@80f57d2 (Amazon updates)
4 years ago
Jeremy Lin f83a8a36d1 Track favorites on a per-user basis
4 years ago
Jeremy Lin 0e9eba8c8b Maximize similarity between MySQL and SQLite/PostgreSQL schemas
4 years ago
Jeremy Lin d5c760960a Sync global_domains.json to bitwarden/server@af85e17 (eBay India updates)
4 years ago
Jeremy Lin 2c6ef2bc68 Sync global_domains.json to bitwarden/server@2c43019 (eBay updates)
4 years ago
Jeremy Lin 7032ae5587 Sync global_domains.json to bitwarden/server@6aed80a (Amazon updates)
4 years ago
Jeremy Lin 6d9f03e84b Sync global_domains.json to bitwarden/server@61b11e3
4 years ago
Daniel García 6a972e4b19
Make the admin URL redirect try to use the referrer first, and use /admin when DOMAIN is not configured and the referrer check doesn't work, to allow users without DOMAIN configured to use the admin page correctly
4 years ago
Daniel García 93b7ded1e6
Remove unneccessary shim for backtrace
4 years ago
Daniel García 29c6b145ca
Remove redundant user fetching from login
4 years ago
Daniel García a7a479623c
Merge pull request #1087 from jjlin/org-creation-users
4 years ago
Jeremy Lin 05b308b8b4 Sync global_domains.json with upstream
4 years ago
Jeremy Lin 570d6c8bf9 Add support for restricting org creation to certain users
4 years ago
Daniel García ad48e9ed0f
Fix unlock on desktop clients
4 years ago
Jeremy Lin a846f6c610 Fix soft delete notifications
4 years ago
Daniel García fd1354d00e
Merge pull request #1067 from jjlin/log-time-fmt
4 years ago
Jeremy Lin 071a3b2a32 Log timestamps with milliseconds by default
4 years ago
Daniel García 32cfaab5ee
Updated dependencies and changed rocket request imports
4 years ago
Jeremy Lin d348f12a0e Add config option for log timestamp format
5 years ago
Jeremy Lin de70fbf88a Use `strip_prefix()` instead of `trim_start_matches()` as appropriate
5 years ago
Daniel García 1e950c7dbc
Replace IP support in preparation for compiling on stable, included some tests to check that the code matches the unstable implementation
5 years ago
Daniel García f14e19a3d8
Don't compile the regexes each time
5 years ago
Daniel García 668d5c23dc
Removed try_trait and some formatting, particularly around imports
5 years ago
Jeremy Lin 790146bfac Fix error in PostgreSQL build
5 years ago
Jeremy Lin a28ebcb401 Use local time in email notifications for new device logins
5 years ago
Daniel García 77e47ddd1f
Merge pull request #1042 from jjlin/hide-passwords
5 years ago
Daniel García 596c9b8691
Add option to set name during HELO in email settings
5 years ago
Armaan Tobaccowalla 624791e09a
Allow postgres:// DATABASE_URL
5 years ago
Jeremy Lin f9a73a9bbe More cipher optimization/cleanup
5 years ago
Jeremy Lin 35868dd72c Optimize cipher queries
5 years ago
Jeremy Lin 979d010dc2 Add support for hiding passwords in a collection
5 years ago
Daniel García a87646b8cb
Some format changes to main.rs
5 years ago
BlackDex 24c914799d Fixes #1022 cloning with attachments
5 years ago
BlackDex 325691e588 Fixed wrong status if there is an update.
5 years ago
Robert Kaussow afbf1db331 add back openssl crate
5 years ago
BlackDex ac2723f898 Updated Organizations overview
5 years ago
BlackDex 2fffaec226 Added attachment info per user and some layout fix
5 years ago
BlackDex 5c54dfee3a Fixed an issue when DNS resolving fails.
5 years ago
BlackDex b47cf97409 Updated js/css libraries and fixed smallscreen err
5 years ago
Daniel García 5e802f8aa3
Update lettre to alpha release instead of git commit, and update the rest of dependencies while we are at it
5 years ago
Daniel García 0bdeb02a31
Merge pull request #1009 from jjlin/email-subject
5 years ago
Jeremy Lin 39d1a09704 Avoid double-slashes in the admin URL
5 years ago
Jeremy Lin a447e4e7ef Don't HTML-escape email subject lines
5 years ago
BlackDex b6fde857a7 Added version check to diagnostics
5 years ago
BlackDex 3c66deb5cc Redesign of the admin interface.
5 years ago
Jeremy Lin a314933557 Allow email changes for existing accounts even when signups are disabled
5 years ago
Daniel García c5d7e3f2bc
Merge pull request #1003 from frdescam/fix_arm_displaysize
5 years ago
Daniel García c95a2881b5
Merge pull request #998 from frdescam/fix_email_templates
5 years ago
fdeĉ 4c3727b4a3 use format! for rounding to fix arm issue
5 years ago
Daniel García a8870eef0d
Convert to f32 before rounding to fix arm issue
5 years ago
François afaebc6cf3 fixing hard coded width email templates
5 years ago
François 8f4a1f4fc2 fixing bad width in 2FA email template
5 years ago
Daniel García 0807783388
Add ip on totp miss
5 years ago
Daniel García dc2f8e5c85
Merge pull request #994 from jjlin/help-text
5 years ago
Daniel García aee1ea032b
Merge pull request #989 from theycallmesteve/update_responses
5 years ago
Jeremy Lin 322a08edfb Update startup banner to direct usage/config questions to the forum
5 years ago
theycallmesteve 08afc312c3
Add missing items to profileOrganization response model
5 years ago
theycallmesteve 5571a5d8ed
Update post_keys to return a keys response model
5 years ago
theycallmesteve 6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model
5 years ago
theycallmesteve dfdf4473ea
Rename to_json_list to to_json_provder to reflect the response model
5 years ago
theycallmesteve 42e37ebea1
Apply upstream global domain values and whitespace fixes
5 years ago
theycallmesteve 632f4d5453
Whitespace fixes
5 years ago
Daniel García 6c5e35ce5c
Change the mails content types to more closely match what we sent before
5 years ago
Daniel García 4ff15f6dc2
Merge pull request #978 from AltiUP/patch-1
5 years ago
Daniel García ec8028aef2
Merge pull request #979 from jjlin/admin-redirect
5 years ago
Daniel García 63cbd9ef9c
Update lettre to latest master
5 years ago
Daniel García 9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints
5 years ago
Jeremy Lin 819d5e2dc8 Use absolute URIs for admin page redirects
5 years ago
Christophe Gherardi 3b06ab296b
Delete the call to the map file
5 years ago
Daniel García 0de52c6c99
Merge pull request #957 from jjlin/domain-whitelist
5 years ago
Daniel García e3b00b59a7
Initial support for soft deletes
5 years ago
BlackDex 1ee8e44912 Fixed issue #965
5 years ago
Jeremy Lin 86685c1cd2 Ensure email domain comparison is case-insensitive
5 years ago
Jeremy Lin 0a68de6c24 Warn on empty `ADMIN_TOKEN` instead of bailing out
5 years ago
Jeremy Lin e4d08836e2 Make org owner invitations respect the email domain whitelist
5 years ago
Jeremy Lin c2a324e5da Clean up domain whitelist logic
5 years ago
Jeremy Lin 6cd8512bbd Fix Duo auth failure with non-lowercased email addresses
5 years ago
Jeremy Lin 7407b8326a Fix attachment size limit calculation
5 years ago
Daniel García adf47827c9
Make sure the data field is always returned, otherwise the mobile apps seem to have issues
5 years ago
Jeremy Lin 862d401077 Fix WebSocket notifications
5 years ago
Jeremy Lin c06162b22f Handle `devicePushToken`
5 years ago
Daniel García 7a6a3e4160
Set the cargo version and allow changing it during build time with BWRS_VERSION.
5 years ago
Daniel García 94341f9f3f
Fix token error while accepting invite
5 years ago
Daniel García ff19fb3426
Merge pull request #919 from BlackDex/issue-908
5 years ago
BlackDex baac8d9627 Fixed issue #908
5 years ago
BlackDex 669b101e6a Fixing issue #908
5 years ago
Daniel García d2d9fb08cc
Revert "Use opportunistic TLS in SMTP connections"
5 years ago
BlackDex 35f30088b2 Fixing issue #759 by disabling Foreign Key Checks.
5 years ago
Daniel García dce054e632
Merge pull request #912 from ymage/openssl_as_default
5 years ago
Ymage ba725e1c25 Make openssl crate as default (non feature-flipped)
5 years ago
Daniel García 7d9c7017c9
Merge pull request #911 from BlackDex/upgrade-rocket
5 years ago
BlackDex bd09fe1a3d Updated code so backtraces are logged also.
5 years ago
BlackDex bcbe6177b8 Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into log-panics
5 years ago
BlackDex 9b1d07365e Updated ring
5 years ago
BlackDex 37b212427c Updated jsonwebtoken
5 years ago
BlackDex 078234d8b3 Small change for rocket compatibilty
5 years ago
Daniel García 2ee07ea1d8
Fix empty data when cloning cipher
5 years ago
Daniel García 40c339db9b
Fix postgres policies, second try
5 years ago
Daniel García 402c1cd06c
Merge pull request #906 from BlackDex/upgrade-reqwest
5 years ago
Daniel García 819f340f39
Fix issue with postgres
5 years ago
BlackDex 1b4b40c95d Updated reqwest to the latest version.
5 years ago
Daniel García afd9f4e278
Allow the smtp mechanism to be provided without quotes and all lowercase
5 years ago
Daniel García 47a9461f39
Merge pull request #903 from TheBinaryLoop/patch-1
5 years ago
Daniel García c6f64d8368
Merge pull request #901 from sleweke/feature/opportunistic_tls
5 years ago
Daniel García a30d5f4cf9
Fix cloning issues
5 years ago
Daniel García 3fa78e7bb1
Initial version of policies
5 years ago
Lukas Eßmann a8a7e4f9a5
Updated domains with new values vualt
5 years ago
Samuel Leweke 5d3b765a23 Use opportunistic TLS in SMTP connections
5 years ago
Daniel García 70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
5 years ago
BlackDex 84dc2eda1f Changed javascript default argument construction
5 years ago
BlackDex 390d10d656 Relocated SMTP test input+button.
5 years ago
zethra cc404b4edc
Added command line flags for help and version
5 years ago
BlackDex 97fb7b5b96 Added urlpath to smtpTest function
5 years ago
BlackDex 5a974c7b94 Added SMTP test button in the admin gui
5 years ago
BlackDex 7439aeb63e Make panics logable (as warn)
5 years ago
Daniel García cd8907542a
Make sure the provided domain contains the protocol and show a useful error when it doesn't
5 years ago
Daniel García ad9f2b2d8e
Removed test urlpath
5 years ago
Daniel García 2f4a9865e1
Use absolute paths in the admin page
5 years ago
Jeremy Lin 29a0795219 Add backend support for alternate base dir (subdir/subpath) hosting
5 years ago
Daniel García 325039c316
Attachment size limits, per-user and per-organization
5 years ago
Miro Prasil 03233429f4 Remove check from Invitation:take()
5 years ago
Miroslav Prasil 0a72c4b6db Do not disable invitations via admin API
5 years ago
Daniel García 8867626de8
Add option to change invitation org name, fixes #825
5 years ago
Daniel García f5916ec396
Fix backwards indices
5 years ago
Daniel García ebb36235a7
Cache icons in the clients
5 years ago
Daniel García def174a517
Convert email domains to punycode
5 years ago
Daniel García 480ba933fa
Don't error if admin token is empty but disabled
5 years ago
Miro Prasil c4101162d6 SIGNUPS_ALLOWED with no whitelist [fixes #830]
5 years ago
Daniel García 632d55265b
Merge pull request #824 from tomuta/fix_change_email
5 years ago
tomuta e277f7d1c1 Fix change email when no whitelist is configured
5 years ago
Daniel García ff7b4a3d38
Update handlebars to 3.0 which included performance improvements.
5 years ago
Daniel García d212dfe735
Accept y/n, True/False, 1/0 as booleans in environment vars
5 years ago
Daniel García 84ed185579
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates.
5 years ago
Michael Powers e196ba6e86
Switch error handling to ? operator instead of explicit handling.
5 years ago
Michael Powers 76743aee48
Fixes #635 - Unique constraint violation when using U2F tokens on PostgreSQL
5 years ago
Daniel García 96a189deb9
Merge pull request #803 from aeolyus/master
5 years ago
Daniel García 8c229920ad
Protect websocket server against panics
5 years ago
Richard Huang d592323e39
minor typo conect -> connect
5 years ago
Daniel García 36ae946655
Avoid some to_string in the request logging and include message to disable web vault when not found.
5 years ago
Daniel García cb6f392774
When receiving a comma separated list as IP, pick the first
5 years ago
Daniel García 88c56de97b
Config option for client IP header
5 years ago
Daniel García e274af6e3d
Print current server time when failing TOTP, and use chrono as the rest of the server
5 years ago
Daniel García a0ece3754b
Formatting
5 years ago
Daniel García 2545469713
Fix crash when page URL points to huge file
5 years ago
Daniel García 5cabf4d040
Fix IP not shown when failed login (Fixes #761)
5 years ago
Daniel García a03db6d224
Also hide options requests, unless using debug or trace
5 years ago
Daniel García 8d1b72b951
Collapsed log messages from 3 lines per request to 2 and hidden the ones valued as less informative.
5 years ago
Daniel García 912e1f93b7
Fix some lints
5 years ago
Daniel García adc443ea80
Add endpoint to delete specific U2F key
5 years ago
Daniel García 0d32179d07
Logout button in admin page
5 years ago
Daniel García 12928b832c
Fix broken tests
5 years ago
Daniel García 1e224220a8
Updated deps and fixed some lints
5 years ago
Daniel García 924ba153aa
Merge pull request #730 from tomuta/email_verification
5 years ago
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications
5 years ago
Daniel García 4b71197c97
Merge pull request #738 from ntimo/task/add-netcup-global-domains
5 years ago
BlackDex b209c1bc4d Add an option to fetch and parse href="data:image"
5 years ago
ntimo 2b8d08a3f4
Added netcup domains to global domains
5 years ago
Daniel García cbadf00941
Update web vault to fix twofactorauth.org integration
5 years ago
tomuta 64d6f72e6c Add the ability to disable signups, but allow signups from a whitelist
5 years ago
Timo N b889e5185e
Added tv.apple.com to global domains
5 years ago
BlackDex 3f6809bcdf Fixed issue/request #705
5 years ago
BlackDex c52adef919 Added configurable smtp timeout.
5 years ago
BlackDex 2ffc3eac4d Clippy fix
5 years ago
BlackDex 0ff7fd939e Next attempt for issue #709 fix
5 years ago
BlackDex ca7c5129b2 Fixed issue #709 creating icon_cache directory.
5 years ago
Daniel García b4dfc24040
Merge pull request #703 from patrickli/bugfix/dont-sync-excluded-global-domains
5 years ago
Patrick Li 85dbf4e16c
Don't include excluded global equivalent domains during sync
5 years ago
BlackDex 3442eb1b9d Trying to fix issue #687
5 years ago
Daniel García e449912f05
Generate recovery codes for email and duo
5 years ago
Daniel García d29b6bee28
Remove unnecessary clones and other clippy fixes
5 years ago
Miro Prasil 00a11b1b78 Stop leaking usernames when SIGNUPS_ALLOWED=false
5 years ago
BlackDex ee550be80c Added http favicon url when response failed
5 years ago
Daniel García fccc0a4b05
Update rocket to latest master
5 years ago
Jellyfrog ebc47dc161
Remove unneeded WS logging
5 years ago
vpl 3b7a5bd102 Move 2FA email config to after SMTP config
5 years ago
vpl 2edecf34ff Use user_uuid instead of mut twofactor
5 years ago
vpl 18bc8331f9 Send email when preparing 2FA JsonError
5 years ago
BlackDex 603a964579 Fixed issue #663.
5 years ago
Daniel García dc515b83f3
Merge pull request #657 from BlackDex/totp-timedrift
5 years ago
BlackDex 9466f02696 Recoded TOTP time drift validation
5 years ago
BlackDex 2cde814aaa Fixed a bug with the sqlite backup feature.
5 years ago
BlackDex d989a19f76 Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift
5 years ago
Daniel García d292269ea0
Make the blacklist logic be cached
5 years ago
BlackDex ebf40099f2 Updated authenticator TOTP
5 years ago
BlackDex edc482c8ea Changed HIBP Error message.
5 years ago
BlackDex 6e5c03cc78 Some modification when no HIBP API Key is set
5 years ago
Daniel García 881c1978eb
Error when the URL scheme doesn't match the database type
5 years ago
Daniel García 662bc27523
Updated dependencies and fixed disable_admin_token description
5 years ago
Daniel García e6b763026e
Merge branch 'master' into icon-security
5 years ago
Daniel García c182583e09
Merge pull request #644 from BlackDex/issue-565
5 years ago
Daniel García d821389c2e
Merge pull request #639 from vverst/cors-update
5 years ago
BlackDex be2916333b Fixed issue #565
5 years ago
BlackDex 9124d8a3fb Updated icon blacklisting.
5 years ago
vpl 7b1da527a6 Change CORS headers
5 years ago
Miro Prasil d6e9af909b Remove the unnecessary check for sqlite
5 years ago
Miro Prasil acdd42935b Add sqlite binary into the docker images
5 years ago
vpl 56f12dc982 Use Access-Control-Allow-Method
5 years ago
Daniel García 4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
5 years ago
Michael Powers f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246.
5 years ago
Daniel García df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
5 years ago
vpl 5a2f968d7a Set correct response headers, status code
5 years ago
vpl 16d88402cb Initial version of CORS support
5 years ago
Daniel García 7dcf18151d
Fix onsubmit
5 years ago
Daniel García e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
5 years ago
Daniel García bfc517ee80
Remove unused warning
5 years ago
Daniel García 4a7d2a1e28
Rename static files endpoint
5 years ago
Daniel García c07c9995ea
Merge pull request #555 from vverst/email-codes
5 years ago
ViViDboarder 672a245548 Remove unecessary clone
5 years ago
vpl 5d50b1ee3c Merge remote-tracking branch 'upstream/master' into email-codes
5 years ago
vpl c99df1c310 Compare token using crypto::ct_eq
5 years ago
vpl 591ae10144 Get token from single u64
5 years ago
ViViDboarder 2d2745195e Allow explicitly defined smtp auth mechansim
5 years ago
Daniel García 026f9da035
Allow removing users two factors
5 years ago
Daniel García d23d4f2c1d
Allow editing HIBP key in the admin panel
5 years ago
Daniel García 515b87755a
Update HIBP to v3, requires paid API key, fixes #583
5 years ago
vpl ee7837d022 Add option to require new device emails
5 years ago