Commit Graph

382 Commits (ff2fbd322eca00af03ac5d1ee4854a147069cdc7)

Author SHA1 Message Date
Stepan Fedorko-Bartos aba9c28226 Disable Yubikey 2FA if 0 Keys Provided
6 years ago
Stepan Fedorko-Bartos 82e2b8a8c0 Code style changes
6 years ago
Miroslav Prasil 044cf19913 Prevent accepted user from seeing ciphers until confirmed (fixes #196)
6 years ago
Stepan Fedorko-Bartos 6d735806c0 Ensures Yubico Creds are set when opening Yubikey Modal
6 years ago
Stepan Fedorko-Bartos 2433d39df5 Allows Custom Yubico OTP Server
6 years ago
Stepan Fedorko-Bartos 9e0e4b13c5 Adds Yubikey OTP Support
6 years ago
Stepan Fedorko-Bartos e66436625c Adds Yubico Client ID and Secret Key Env Vars
6 years ago
Daniel García f84cbeaaf8
Merge branch 'master' into rocket-0.4
6 years ago
Miroslav Prasil dd684753d0 Fix gt()
6 years ago
Miroslav Prasil f3e6cc6ffd Set PartialOrd to consider invalid i32 UserOrgType lower than anything
6 years ago
Miroslav Prasil b94f4db52a Fix #242
6 years ago
Miroslav Prasil 66a4c5d48b Implement comparison between i32 and UserOrgType
6 years ago
Daniel García 4638786507
Merge branch 'master' into rocket-0.4
6 years ago
Roman Hargrave 62bc58e145 Clean up after u2f endpoint split
6 years ago
Roman Hargrave 760e0ab805 Initial u2f fix
6 years ago
Daniel García 6eb1c3d638
Fixed change in organizations header, now Request::get_param() are indexed by segment, not dynamic parameter.
6 years ago
Daniel García bc532f54d5
Improve login query parsing
6 years ago
Daniel García c673370103
Updated bw_rs to Rocket version 0.4-rc1
6 years ago
janost c32c65d367 Accept PUT and POST on /settings/domains, returns JsonResult, fixes saving Custom Equivalent Domains
6 years ago
janost daa66b08dc Fix /sync without query string
6 years ago
janost 55fbd8d468 Don't send Domains if excludeDomains=true on /sync
6 years ago
Miroslav Prasil 2e7fa6440b Do not spawn WS thread if it's disabled
6 years ago
Miroslav Prasil 9ecc98c3cc Disable WebSockets negotiation by default
6 years ago
Daniel García 02fd68d63b
Merge pull request #218 from janost/refactor-folder-save
6 years ago
janost e985221b50 User::save() should return QueryResult instead of bool
6 years ago
janost 77cf63c06d Folder::save() should return QueryResult instead of bool
6 years ago
Daniel García faec050a6d
Merge pull request #217 from janost/refactor-device-save
6 years ago
janost 58a78ffa54 Device::save() should return QueryResult instead of bool
6 years ago
janost 64f6c60bfd Organization::save() and UserOrganization::save() should return QueryResult instead of bool
6 years ago
Miroslav Prasil a28caa33ef Implement poor man's admin panel
6 years ago
Daniel García ce4fedf191
Change error response to be closer to upstream
6 years ago
janost 5292d38c73 CollectionCipher::save() and delete() should return QueryResult instead of bool
6 years ago
Daniel García 1049646e27
Merge pull request #210 from janost/cipher-save-refactor
6 years ago
janost 380cf06211 Cipher::save() should return QueryResult instead of bool
6 years ago
janost c29bc9309a Return proper error message for org reinvite
6 years ago
Daniel García 7112c86471
Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file
6 years ago
Daniel García 2aabf14372
Merge pull request #206 from mprasil/collection_revision
6 years ago
Miroslav Prasil d9457e929c Add continuation token when we return object list
6 years ago
Miroslav Prasil 86b49856a7 Handle return value from Collection::save()
6 years ago
Miroslav Prasil 54f54ee845 Update revision for users on collection save
6 years ago
Miroslav Prasil c3c74506a7 Add missing fields to returned Org json
6 years ago
Miroslav Prasil fb4e6bab14 Clean up the share_collection handling
6 years ago
Daniel García 9eaa9c1a17
Add WEBSOCKET_ADDRESS config option (Fixes #199)
6 years ago
Daniel García 3df31e3464
Temp fix for OpenSSL 1.1.1 compatibility
6 years ago
Daniel García ebb66c374e
Implement KDF iterations change (Fixes #195)
6 years ago
Miroslav Prasil f7951b44ba Add alias for DELETE call on accounts
6 years ago
Daniel García b75ba216d1
Return default prelogin values when the user doesn't exist
6 years ago
Daniel García 8651df8c2a
Fixed some lint issues
6 years ago
Daniel García 948554a20f
Added config option for websocket port, and reworked the config parsing a bit.
6 years ago
Daniel García 928e2424c0
Updated dependencies and fixed errors
6 years ago
Daniel García a01fee0b9f
Merge branch 'ws'
6 years ago
Daniel García f397f0cbd0
Implement organization import for admins and owners (Fixes #178)
6 years ago
Daniel García 3e1afb139c
Remove unnecessary return
6 years ago
Daniel García d66d4fd87f Add error message when the proxy doesn't route websockets correctly
6 years ago
Daniel García 1b20a25514
Merge pull request #173 from mprasil/poormans_invites
6 years ago
Miroslav Prasil c1cd4d9a6b Modify User::new to be keyless and paswordless
6 years ago
Daniel García b63693aefb
Merge pull request #137 from stammw/master
6 years ago
Miroslav Prasil ec05f14f5a Implement poor man's invitation via Organization invitation
6 years ago
Jean-Christophe BEGUE 37d88be2be return an error when email adress for password hint is not valid
6 years ago
Jean-Christophe BEGUE 1c641d7635 Special messages when user has no password hint
6 years ago
Jean-Christophe BEGUE e2ab2f7306 Save None instead of empty password hint
6 years ago
Daniel García 69dcbdd3b2 Merge branch 'master' into ws
6 years ago
Miroslav Prasil c58682e3fb Fix the logic in user edditing
6 years ago
Miroslav Prasil db111ae2a0 Check properly the user membership in Organization
6 years ago
Miroslav Prasil 049aa33f17 Fix editing users in Organization
6 years ago
Shane A. Faulkner d8e5e53273 Add notifications for cipher delete and create
6 years ago
Shane A. Faulkner b6502e9e9d Add support for CipherUpdate notifications
6 years ago
Daniel García d70864ac73 Initial version of websockets notification support.
6 years ago
Miroslav Prasil d336d89b83 Fix editing shared cipher (fixes #164)
6 years ago
Baelyk fe473b9e75 `Attachment::save()` returns Result instead of bool (#161)
6 years ago
mprasil 062ae4dd59 Allow non-Admin user to share to collection (fixes #157) (#159)
6 years ago
mprasil 3cfdf9b585 Add DELETE handlers fo cipher and attachment deletion (fixes #158) (#160)
6 years ago
Kumar Ankur 781056152a Support password history #155 (#156)
6 years ago
Baelyk c386b3bcf7 Add IP and Username to failed login attempts
6 years ago
Daniel García 8d1ee859f2 Implemented basic support for prelogin and notification negotiation
6 years ago
Miroslav Prasil 2b2401be19 Update affected users revision on cipher and folder change
6 years ago
Miroslav Prasil 9eea0151ba Update user revision timestamp on Organization changes
6 years ago
Miroslav Prasil 40d09ddd2a Add PUT alias for Organization updates
6 years ago
Daniel García d332e87655
Merge pull request #144 from mprasil/collection_revision
6 years ago
Miroslav Prasil a5ef8aef0f Update affected users revision when there are collection changes
6 years ago
Miroslav Prasil 4fb09c5b4d Actually update the revision date for user struct, not just in DB
6 years ago
Jean-Christophe BEGUE 9e63985b28 Check email validity before using it for password hint sending
6 years ago
Daniel García 6fdeeb56ce
Merge pull request #140 from mprasil/error_format
6 years ago
Daniel García b002d34cd4
Merge pull request #139 from mprasil/edit_shared_fix
6 years ago
Jean-Christophe BEGUE 401aa7c699 make SMTP authentication optionnal, let lettre pick the better auth mechanism
6 years ago
Miroslav Prasil 12a2dc0901 Add PUT alias for profile update
6 years ago
Miroslav Prasil b3f3fd81ac Update theerror format to show message in new Vault
6 years ago
Miroslav Prasil f2fec345ec Add PUT alias for editing cipher
6 years ago
Jean-Christophe BEGUE d68f57cbba Fix password hint showing logic
6 years ago
Jean-Christophe BEGUE 19e0605d30 Better message into the password hint email
6 years ago
Jean-Christophe BEGUE 812387e586 SMTP integration, send password hint by email.
6 years ago
Miroslav Prasil 00b882935f Deserialize "null" to empty Vec for Collections
6 years ago
Miroslav Prasil 0dfd9c7670 Add couple more aliases for PUTs and DELETEs
6 years ago
Miroslav Prasil 6ede1743ac add alias for PUT collections-admin
6 years ago
Daniel García d3f357b708 Implemented PUT for u2f registration
6 years ago
Daniel García 16056626b0
Merge pull request #131 from mprasil/revision_date
6 years ago
Jean-Christophe BEGUE f7ffb81d9e SMTP configuration parsing and checking
6 years ago
Miroslav Prasil 626a3c93ba Revert "Merge branch 'beta' of https://github.com/krankur/bitwarden_rs into beta"
6 years ago
Miroslav Prasil 3f5a99916a Implement update_revision trigger
6 years ago
Miroslav Prasil b5a057f063 Merge branch 'master' into beta
6 years ago
Kumar Ankur 3fd3d8d5e9 Merge branch 'beta' of https://github.com/krankur/bitwarden_rs into beta
6 years ago
Kumar Ankur 5f6d721c09 Implemented PUT for /two-factor/authenticator and /two-factor/disable
6 years ago
Kumar Ankur ddda86b90d Implemented bulk cipher share (share selected) #100
6 years ago
Daniel García c6256e1455
Merge pull request #128 from mprasil/revision_date
6 years ago
Miroslav Prasil 58c1545707 Return revision date in miliseconds (fixes #127)
6 years ago
Jean-Christophe BEGUE d3b4b10d18 Add a explaination to the password hint message #85
6 years ago
Jean-Christophe BEGUE c031ae9f2f Make password hints available in the error message #85
6 years ago
Kumar Ankur aac1304b46 clean up
7 years ago
Kumar Ankur 7dfc759691 Implmeneted DELETE on 'api/ciphers' to delete selected ciphers (#98)
7 years ago
Kumar Ankur 74e2ca81ae Implemented PUT for single cipher sharing (#97)
7 years ago
Miroslav Prasil b163aeb8ca Merge changes in master to beta branch (concurrency fixes)
7 years ago
Kumar Ankur 0e095a9fa4 change to reuse the logic for POST in PUT as well
7 years ago
Kumar Ankur 2f6aa3c363 Reverting removal of 'api/ciphers/move' POST as it is required for backward compatibility
7 years ago
Kumar Ankur fcc485384f clean up
7 years ago
Kumar Ankur 91a2319325 Implementing PUT for ciphers/move (#99)
7 years ago
Shane A. Faulkner 34d2648509
Merge pull request #3 from shauder/master
7 years ago
Miroslav Prasil 2872f40d13 WAL journal mode and delete retry added
7 years ago
Daniel García a291dea16f Updated dependencies and Docker image to new web-vault
7 years ago
Shane A. Faulkner 98bae4a0a1 Cleanup and working with 2 or less attachments
7 years ago
Miroslav Prasil 233d23a527 Return 404 in case the path doesn't match instead of 500
7 years ago
Miroslav Prasil de72655bb1 Add confirmed check to the OrgHeaders request guard
7 years ago
Shane A. Faulkner 31349a47d3 Very dirty addition of missing api's
7 years ago
Miroslav Prasil 692ed81306 Do not show organization stuff to not accepted user
7 years ago
Daniel García 819622e310 Documented U2F, removed debug prints, and documented missing features
7 years ago
Daniel García 970863ffb1 Set facets contentType
7 years ago
Daniel García 75615bb5c8 Ignore U2F challenge if not provided. Also checked that error_code has to be 0 for a successfull registration
7 years ago
Daniel García 6378d96d1a Add some extra debug prints
7 years ago
Daniel García c722256cbd Remove debug print
7 years ago
Daniel García 8ff50481e5 Use X-Forwarded-Host if available
7 years ago
Daniel García be4e6c6f0c Merge branch 'master' into u2f
7 years ago
Daniel García 2f892cb866 Hide org ciphers from unconfirmed users (Showed deciption error)
7 years ago
Daniel García 4f6f510bd4 Improve domain detection, should fix attachment problems. Otherwise, set the `DOMAIN` env variable to the correct domain
7 years ago
Daniel García dae92b9018 Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.
7 years ago
Daniel García 1cb67eee69 Implement leave organization (accessed from the bottom of the user's settings page)
7 years ago
Daniel García e88d8c856d Change host url to https when it's enabled, should fix some problems downloading attachments
7 years ago
Daniel García df598d7208 Log posible errors when attaching file
7 years ago
Daniel García 35b4ad69bd Remove unused warnings
7 years ago
Daniel García 22786c8c9d
Merge pull request #55 from mprasil/debug_prints
7 years ago
Daniel García a1ffa4c28d Allow TOTP generation in organizations (Fixes #50)
7 years ago
Miroslav Prasil 9f8183deb0 Remove some extra debug prints
7 years ago
Daniel García ea600ab2b8 Don't ignore errors while downloading icons
7 years ago
Miroslav Prasil d84d8d756f Implement delete-admin call
7 years ago
Daniel García 7c316fc19a Added security headers to web-vault (fixes #44)
7 years ago
Daniel García 1c45c2ec3a Implemented API endpoints to modify profile name and hint, and to change email address, fixes #43
7 years ago
Daniel García 0905355629 Fix wrong case in import struct, invite collections and user Uri back-compat
7 years ago
Daniel García 7983ce4f13 Updated global domains file
7 years ago
Daniel García 5fc0472d88 Removed unneeded cipher code for changing case (fixed by last commit)
7 years ago
Daniel García 410ee9f1f7 Fixed case problems, hopefully this time for real
7 years ago
Daniel García 538dc00234 Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers
7 years ago
Daniel García 515c84d74d Fixed casing issue
7 years ago
Daniel García f72efa899e Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage.
7 years ago
Daniel García 483066b9a0 Some style changes, removed useless matches and formats
7 years ago
Daniel García 57850a3379 Fix SSN field in Identity cipher not loading correctly
7 years ago
Daniel García b0ee5f6570 Improved two factor auth
7 years ago
Miroslav Prasil ac2ca5812b Remove unused UserOrganization
7 years ago
Miroslav Prasil e2b4f3b13f Bettech check for cipher access
7 years ago
Daniel García 4cf9f83866 Fixed sync
7 years ago
Daniel García 2be1dafe80 Missed some
7 years ago
Daniel García a71a2c2f48 Added missing collections to /api/sync
7 years ago
Daniel García 5ec728683e Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time)
7 years ago
Daniel García faa26ab8f5 Changed error message
7 years ago
Daniel García 1a4b1a8254 Enabled unused variable warning again, fixed some possible bugs where we didn't check some parameters, and explicitly marked all unused parameters (mostly orgheaders)
7 years ago
Miroslav Prasil 135ab4fb20 Clean up organizations.rs with new request guards
7 years ago
Miroslav Prasil 46f3b229ee Removed unnecessary checks, simplified the code a bit
7 years ago
Miroslav Prasil 62be23b1c0 Support listing and deleting users from collection
7 years ago
Miroslav Prasil 4d50014e35 Implement request guards for organization
7 years ago
Miroslav Prasil 85ecd001a5 Fix user invitation
7 years ago
Daniel García 2cf46e1a5f Make sure TOTP codes can be both Numbers or Strings, fixes #30
7 years ago
Miroslav Prasil a6105f7029 Let find_by_uuid_and_user return indirect collection (#26)
7 years ago
Miroslav Prasil 941747f9e8 Implement deleting Organization
7 years ago
Daniel García 726ba36e5b
Merge pull request #24 from mprasil/myvault_collections
7 years ago
Daniel García e301e69ff5 Change update_cipher method to save cipher before creating folder mapping, otherwise there is an error when creating a cipher with a folder value
7 years ago
Miroslav Prasil 2215bdf018 Support editing collections from user vault
7 years ago
Miroslav Prasil a0d2ca3f24 Implement deleting collections
7 years ago
Miroslav Prasil e54b52f109 Improve Folder::delete() to handle FolderCipher
7 years ago
Miroslav Prasil 21c1ab7fda Remove dependent items when removing cipher
7 years ago
Miroslav Prasil 180a02030c Remove user_uuid when sharing to organization
7 years ago
Miroslav Prasil 3b537f70ac Remove unnecessary test and rewrite match
7 years ago
Miroslav Prasil f43d329e22 Don't clone() unused value
7 years ago
Miroslav Prasil 8b18c4c633 Implement cipher sharing
7 years ago
Miroslav Prasil c054d0094a set max storage to non-null value
7 years ago
Miroslav Prasil b0472d7aab Delete owned ciphers on account deletion
7 years ago
Miroslav Prasil 89e544009f Fix duplicate ciphers returned from find_by_user
7 years ago
Miroslav Prasil 8bed867798 Also list shared ciphers in find_by_user
7 years ago
Daniel García fcef2fa1f1 Check that the database folder exists before connecting
7 years ago
Miroslav Prasil dfb1232081 Filter collection lists based on user
7 years ago
Miroslav Prasil 9cf449e1c5 Error on invalid collection ID in post_collections_admin
7 years ago
Miroslav Prasil e5c9d19e25 Remove outdated comment
7 years ago
Miroslav Prasil 34f2aa68f4 Implement Collection-Cipher mapping
7 years ago
Daniel García 032134aabc Fixed some errors asigning collections to users
7 years ago
Daniel García 7e7c3681da Implemented public key method correctly, which fixes decryption errors in collections and organizations
7 years ago
Daniel García 79b4ddcae8 Added read_only bit to users_collections
7 years ago
Daniel García 0cb58add54 Implemented some admin methods, inserted CollectionsUsers only when Org accessAll == false, and implemented find_collection when user has access_all in Org
7 years ago
Daniel García 92236394e6 Delete folder mappings when deleting folders and make sure that we can't change a ciphers owner when created
7 years ago
Miroslav Prasil c4360ee697 Save extra query when checking write access
7 years ago
Miroslav Prasil a0796acbc7 Implement suggested improvements
7 years ago
Miroslav Prasil c3be1b4298 Fix FolderCipher creation, handle some errors
7 years ago
Miroslav Prasil 514a372bc8 Add per-user folder-cipher mapping
7 years ago
Daniel García f578019df6 Can now remove notes and fields correctly. Also fixed fields, that should go in uppercase
7 years ago
Miroslav Prasil 787172116d Save the name when updating the cipher data
7 years ago