Commit Graph

31 Commits

Author SHA1 Message Date
BlackDex
de86aa671e Fix Key Rotation during password change
When ticking the 'Also rotate my account's encryption key' box, the key
rotated ciphers are posted after the change of password.

During the password change the security stamp was reseted which made
the posted key's return an invalid auth. This reset is needed to prevent other clients from still being able to read/write.

This fixes this by adding a new database column which stores a stamp exception which includes the allowed route and the current security stamp before it gets reseted.
When the security stamp check fails it will check if there is a stamp exception and tries to match the route and security stamp.

Currently it only allows for one exception. But if needed we could expand it by using a Vec<UserStampException> and change the functions accordingly.

fixes #1240
2020-12-14 19:58:23 +01:00
janost
043aa27aa3 Implement admin ability to enable/disable users 2020-11-30 23:12:56 +01:00
Jeremy Lin
3bbdbb832c Transfer favorite status for user-owned ciphers 2020-08-22 17:14:05 -07:00
Jeremy Lin
f83a8a36d1 Track favorites on a per-user basis
Currently, favorites are tracked at the cipher level. For org-owned ciphers,
this means that if one user sets it as a favorite, it automatically becomes a
favorite for all other users that the cipher has been shared with.
2020-08-19 02:32:58 -07:00
Jeremy Lin
979d010dc2 Add support for hiding passwords in a collection
Ref: https://github.com/bitwarden/server/pull/743
2020-07-02 21:51:20 -07:00
Daniel García
e3b00b59a7
Initial support for soft deletes 2020-04-17 22:35:27 +02:00
Daniel García
3fa78e7bb1
Initial version of policies 2020-03-14 13:32:28 +01:00
tomuta
bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
BlackDex
ebf40099f2 Updated authenticator TOTP
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
2019-10-10 17:32:20 +02:00
Michael Powers
1264eb640a
Added a migration that fixes #1 which caused attachments to be broken
for the PostgreSQL backend. Also converts any CHAR types to VARCHAR to prevent the same issue from causing problems down the line.
2019-09-16 19:52:00 -04:00
Michael Powers
f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246.
This includes migrations as well as Dockerfile's for amd64.

The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
2019-09-12 16:12:22 -04:00
Daniel García
df8114f8be
Updated client kdf iterations to 100000 and fixed some lints 2019-09-05 21:56:12 +02:00
Nils Domrose
6c38026ef5 user char(36) for uuid columns 2019-05-27 17:20:20 +02:00
Nils Domrose
ff759397f6 initial mysql support 2019-05-26 23:03:05 +02:00
Emil Madsen
ab95a69dc8 Rework migrations for MySQL 2019-05-20 21:12:41 +02:00
Daniel García
6364c05789
Fix attachments during key rotation, add individual attachment key 2018-11-27 17:24:12 +01:00
Daniel García
ebb66c374e
Implement KDF iterations change (Fixes #195) 2018-09-19 17:30:14 +02:00
Miroslav Prasil
ec05f14f5a Implement poor man's invitation via Organization invitation 2018-09-11 13:09:59 +01:00
Kumar Ankur
781056152a Support password history #155 (#156)
* Password History Support (#155)

* down.sql logic not required as per review comments
2018-08-27 23:08:58 +02:00
Daniel García
dae92b9018 Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 22:22:10 +02:00
Daniel García
b0ee5f6570 Improved two factor auth 2018-06-01 15:08:03 +02:00
Miroslav Prasil
9b017bbbb9 Fix reference in attachments table 2018-05-26 00:39:19 +01:00
Miroslav Prasil
34f2aa68f4 Implement Collection-Cipher mapping 2018-05-11 21:08:14 +01:00
Daniel García
79b4ddcae8 Added read_only bit to users_collections 2018-05-04 20:10:35 +02:00
Miroslav Prasil
a0796acbc7 Implement suggested improvements 2018-05-03 17:47:27 +01:00
Miroslav Prasil
514a372bc8 Add per-user folder-cipher mapping 2018-04-30 23:38:55 +01:00
Daniel García
4093bf92fe Initial organizations functionality: Creating orgs and inviting users 2018-04-24 22:01:55 +02:00
Daniel García
1277cb099d Updated Cipher API with breaking changes, and included backwards compatibility 2018-03-06 20:34:30 +01:00
Daniel García
1bc346688c Some initial work on organizations, nothing works yet 2018-02-17 23:04:34 +01:00
Daniel García
b54684b677 Upload and download attachments, and added License file 2018-02-15 00:40:34 +01:00
Daniel García
5cd40c63ed First working version 2018-02-10 01:00:55 +01:00