Merge pull request #308 from njfox/invite_existing_user_fix

Fix email invitations for existing users and update README
This commit is contained in:
Daniel García 2018-12-23 22:31:00 +01:00 committed by GitHub
commit 00bc355220
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 13 deletions

View File

@ -385,6 +385,17 @@ docker run -d --name bitwarden \
When `SMTP_SSL` is set to `true`(this is the default), only TLSv1.1 and TLSv1.2 protocols will be accepted and `SMTP_PORT` will default to `587`. If set to `false`, `SMTP_PORT` will default to `25` and the connection won't be encrypted. This can be very insecure, use this setting only if you know what you're doing. When `SMTP_SSL` is set to `true`(this is the default), only TLSv1.1 and TLSv1.2 protocols will be accepted and `SMTP_PORT` will default to `587`. If set to `false`, `SMTP_PORT` will default to `25` and the connection won't be encrypted. This can be very insecure, use this setting only if you know what you're doing.
Note that if SMTP and invitations are enabled, invitations will be sent to new users via email. You must set the `DOMAIN` configuration option with the base URL of your bitwarden_rs instance for the invite link to be generated correctly:
```sh
docker run -d --name bitwarden \
...
-e DOMAIN=https://vault.example.com
...
```
User invitation links are valid for 5 days, after which a new invitation will need to be sent.
### Password hint display ### Password hint display
Usually, password hints are sent by email. But as bitwarden_rs is made with small or personal deployment in mind, hints are also available from the password hint page, so you don't have to configure an email service. If you want to disable this feature, you can use the `SHOW_PASSWORD_HINT` variable: Usually, password hints are sent by email. But as bitwarden_rs is made with small or personal deployment in mind, hints are also available from the password hint page, so you don't have to configure an email service. If you want to disable this feature, you can use the `SHOW_PASSWORD_HINT` variable:

View File

@ -532,20 +532,17 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase<AcceptD
match User::find_by_mail(&claims.email, &conn) { match User::find_by_mail(&claims.email, &conn) {
Some(_) => { Some(_) => {
if Invitation::take(&claims.email, &conn) { Invitation::take(&claims.email, &conn);
if claims.user_org_id.is_some() { if claims.user_org_id.is_some() {
// If this isn't the virtual_org, mark userorg as accepted // If this isn't the virtual_org, mark userorg as accepted
let mut user_org = match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id, &conn) { let mut user_org = match UserOrganization::find_by_uuid_and_org(&claims.user_org_id.unwrap(), &claims.org_id, &conn) {
Some(user_org) => user_org, Some(user_org) => user_org,
None => err!("Error accepting the invitation") None => err!("Error accepting the invitation")
}; };
user_org.status = UserOrgStatus::Accepted as i32; user_org.status = UserOrgStatus::Accepted as i32;
if user_org.save(&conn).is_err() { if user_org.save(&conn).is_err() {
err!("Failed to accept user to organization") err!("Failed to accept user to organization")
}
} }
} else {
err!("Invitation for user not found")
} }
}, },
None => { None => {