30e768613b
Start using rustfmt and some style changes to make some lines shorter
2018-12-30 23:34:31 +01:00
adb8052689
Updated Error to implement Display and Debug, instead of using custom methods
2018-12-30 21:43:56 +01:00
acb9d1b3c6
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally
2018-12-30 21:43:56 +01:00
6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
...
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-30 21:31:12 +01:00
1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-30 21:31:11 +01:00
5fecf09631
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-30 21:31:11 +01:00
ec715d78fb
Change log timestamp format so fail2ban can parse it
2018-12-26 11:54:31 -05:00
848cd1dbec
add environment variables for ICON_CACHE_TTL and ICON_CACHE_NEGTTL
...
These aren't used yet, but will be utilized by the icon caching service
in a subsequent patch.
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
2018-12-18 13:33:31 -08:00
19754c967f
More changes to the push token, and filtered multipart logs
2018-12-07 18:25:18 +01:00
94810c106a
Migrate to rust 2018 edition
2018-12-07 02:05:45 +01:00
2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
2018-12-06 20:35:25 +01:00
f71f10eac6
Implemented key rotation with the latest vault
2018-11-24 23:00:41 +01:00
5edbd0e952
Merge branch 'master' into rocket-0.4
...
# Conflicts:
# Cargo.lock
# Cargo.toml
# src/api/core/mod.rs
2018-11-19 19:52:43 +01:00
2433d39df5
Allows Custom Yubico OTP Server
2018-11-15 18:54:53 -07:00
e66436625c
Adds Yubico Client ID and Secret Key Env Vars
2018-11-15 18:40:27 -07:00
c673370103
Updated bw_rs to Rocket version 0.4-rc1
2018-11-01 19:25:09 +01:00
9ecc98c3cc
Disable WebSockets negotiation by default
2018-10-14 23:25:16 +01:00
a28caa33ef
Implement poor man's admin panel
2018-10-12 15:20:10 +01:00
7112c86471
Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file
2018-10-04 00:01:04 +02:00
c3c74506a7
Add missing fields to returned Org json
2018-10-01 16:00:11 +01:00
9eaa9c1a17
Add WEBSOCKET_ADDRESS config option ( Fixes #199 )
2018-09-28 13:50:04 +02:00
948554a20f
Added config option for websocket port, and reworked the config parsing a bit.
...
Added SMTP_FROM config to examples and made it mandatory, it doesn't make much sense to not specify the from address.
2018-09-13 20:59:51 +02:00
a01fee0b9f
Merge branch 'ws'
...
# Conflicts:
# Cargo.toml
# src/api/core/ciphers.rs
# src/main.rs
2018-09-13 15:59:45 +02:00
1b20a25514
Merge pull request #173 from mprasil/poormans_invites
...
Implement poor man's invitation via Organization invitation
2018-09-11 16:48:56 +02:00
b63693aefb
Merge pull request #137 from stammw/master
...
SMTP implementation, along with password HINT email
2018-09-11 14:58:09 +02:00
ec05f14f5a
Implement poor man's invitation via Organization invitation
2018-09-11 13:09:59 +01:00
d70864ac73
Initial version of websockets notification support.
...
For now only folder notifications are sent (create, rename, delete).
The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested.
The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy.
My testing is done with Caddy server, and the following config:
```
localhost {
# The negotiation endpoint is also proxied to Rocket
proxy /notifications/hub/negotiate 0.0.0.0:8000 {
transparent
}
# Notifications redirected to the websockets server
proxy /notifications/hub 0.0.0.0:3012 {
websocket
}
# Proxy the Root directory to Rocket
proxy / 0.0.0.0:8000 {
transparent
}
}
```
This exposes the service in port 2015.
2018-08-30 17:58:53 +02:00
8d1ee859f2
Implemented basic support for prelogin and notification negotiation
2018-08-24 19:02:34 +02:00
9e63985b28
Check email validity before using it for password hint sending
2018-08-16 21:25:28 +02:00
401aa7c699
make SMTP authentication optionnal, let lettre pick the better auth mechanism
2018-08-15 17:21:19 +02:00
812387e586
SMTP integration, send password hint by email.
2018-08-15 08:45:18 +02:00
f7ffb81d9e
SMTP configuration parsing and checking
2018-08-13 13:46:32 +02:00
b5a057f063
Merge branch 'master' into beta
2018-08-10 21:43:16 +01:00
c031ae9f2f
Make password hints available in the error message #85
2018-08-10 15:52:06 +02:00
b163aeb8ca
Merge changes in master to beta branch (concurrency fixes)
2018-08-01 11:37:42 +01:00
2872f40d13
WAL journal mode and delete retry added
2018-07-31 16:43:43 +01:00
a291dea16f
Updated dependencies and Docker image to new web-vault
2018-07-21 17:27:00 +02:00
4f6f510bd4
Improve domain detection, should fix attachment problems. Otherwise, set the `DOMAIN` env variable to the correct domain
2018-07-12 23:28:16 +02:00
dae92b9018
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.
2018-07-12 22:22:10 +02:00
538dc00234
Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers
2018-06-12 21:09:42 +02:00
f72efa899e
Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage.
2018-06-12 17:30:36 +02:00
1a4b1a8254
Enabled unused variable warning again, fixed some possible bugs where we didn't check some parameters, and explicitly marked all unused parameters (mostly orgheaders)
2018-05-30 22:30:45 +02:00
fcef2fa1f1
Check that the database folder exists before connecting
...
If the parent folder ('data' by default) doesn't exist, the database won't be able to connect.
2018-05-12 22:55:18 +02:00
3d454f36bc
Removed included web vault.
...
Now that docker automatically downloads the web-vault, keeping it in the repo doesn't make sense.
Added error message in case someone tries to run the application directly without the web-vault instaled..
2018-04-24 22:41:25 +02:00
3a1321a5a9
Updated some dependencies and removed old unused attribute that might create compile errors
2018-04-24 15:49:38 +02:00
9116253ae5
Updated dependencies
2018-03-21 00:08:46 +01:00
66097e5f12
r2d2_diesel is included in diesel since 1.1, so we don't need the dependencies directly.
...
Same thing with time, included in chrono
2018-03-07 18:41:34 +01:00
dfefbf1f31
Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings
2018-02-23 00:38:54 +01:00
d5486670d8
Fixed docker build and implemented automatic creation of JWT signing keys on platforms with OpenSSL (it needs to be on the PATH)
2018-02-17 01:13:02 +01:00
84a75c871b
Improved error messagees, implemented delete ciphers, attachments and account, implemented two factor recovery.
...
Known missing:
- import ciphers, create ciphers types other than login and card, update ciphers
- clear and put device_tokens
- Equivalent domains
- Organizations
2018-02-15 19:05:57 +01:00
Daniel García
Nick Fox
Steven Noonan
Stepan Fedorko-Bartos
Miroslav Prasil
Jean-Christophe BEGUE
Jean-Christophe BEGUE
Daniel García