Commit Graph

424 Commits

Author SHA1 Message Date
Daniel García
1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support
Initial support for mysql
2019-06-01 23:33:06 +02:00
Emil Madsen
e22e290f67 Fix key and type variable names for mysql 2019-05-20 21:24:29 +02:00
TheMardy
ef551f4cc6 Create Backup funcitonality
Added create backup functionality to the admin panel
2019-05-03 15:46:29 +02:00
Daniel García
5521a86693
Change path for served images to avoid collision with vault images 2019-05-01 16:19:22 +02:00
Daniel García
3160780549
Merge pull request #401 from TheMardy/master
Images in Email Templates
2019-04-30 17:52:10 +02:00
Daniel García
874f5c34bd
Formatting 2019-04-26 22:08:26 +02:00
Daniel García
253faaf023
Use users duo host when required, instead of always using the global one 2019-04-15 13:07:23 +02:00
Daniel García
3d843a6a51
Merge pull request #460 from janost/organization-vault-purge
Fixed purging organization vault
2019-04-14 22:30:51 +02:00
janost
03fdf36bf9 Fixed purging organization vault 2019-04-14 22:12:48 +02:00
Daniel García
fdcc32beda
Validate Duo credentials when custom 2019-04-14 22:05:05 +02:00
Daniel García
bf20355c5e
Merge branch 'duo' 2019-04-14 22:02:55 +02:00
Daniel García
2e12114350
Always create the user when inviting from admin panel 2019-04-12 23:44:49 +02:00
ViViDboarder
d3a8a278e6 Add new endpoint for retrieving all users 2019-04-11 11:24:53 -07:00
Daniel García
8d9827c55f
Implement selection between global config and user settings for duo keys. 2019-04-11 18:40:03 +02:00
Daniel García
cad63f9761
Auto generate akey 2019-04-11 16:08:26 +02:00
Daniel García
621f607297
Update dependencies and fix some warnings 2019-04-11 15:40:19 +02:00
Daniel García
754087b990
Add global duo config and document options in .env template 2019-04-07 18:58:15 +02:00
Daniel García
cfbeb56371
Implement user duo, initial version
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
2019-04-05 22:09:53 +02:00
Daniel García
4b40cda910
Added domain blacklist regex for icons service and improved valid domain check.
Reorganized the icons code a bit.
2019-03-18 22:12:39 +01:00
Daniel García
61515160a7
Allow changing error codes and create an empty error.
Return 404 instead of 400 when no accounts breached.
2019-03-14 00:17:36 +01:00
Daniel García
43f9038325
Add option to force resync clients in admin panel 2019-03-07 21:08:33 +01:00
Daniel García
0718a090e1
Trim spaces from admin token during authentication and validate that the admin panel token is not empty 2019-03-07 20:21:50 +01:00
Daniel García
04922f6aa0
Some formatting and dependency updates 2019-03-03 16:11:55 +01:00
Daniel García
7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
Added newlines to config options to keep them a reasonable length.
2019-03-03 16:09:15 +01:00
Daniel García
10756b0920
Update dependencies and fix some lints 2019-02-27 17:21:04 +01:00
Дамјан Георгиевски
473f8b8e31 remove some unneeded mutability 2019-02-22 20:25:50 +01:00
Shane Faulkner
8b5b06c3d1 Allow the Admin token to be disabled in the advanced menu 2019-02-20 14:56:08 -06:00
Daniel García
5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints 2019-02-20 17:54:18 +01:00
TheMardy
84fb6aaddb Set correct MIME type 2019-02-17 01:08:24 +01:00
Daniel García
a744b9437a
Implemented multiple U2f keys, key names, and compromised checks 2019-02-16 23:07:48 +01:00
Daniel García
6027b969f5
Delete old devices when deauthorizing user sessions 2019-02-16 23:06:26 +01:00
Daniel García
93805a5d7b
Fix Yubikeys deleted on error 2019-02-16 21:30:55 +01:00
TheMardy
a79334ea4c Added static email image routes 2019-02-16 03:44:30 +01:00
BlackDex
3b27dbb0aa Added config option for icon download timeout 2019-02-12 21:56:28 +01:00
Daniel García
9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens 2019-02-11 23:45:55 +01:00
Daniel García
28d1588e73
Show version in admin panel 2019-02-10 16:02:46 +01:00
Daniel García
f3b1a5ff3e
Error when admin panel is disabled 2019-02-10 15:26:19 +01:00
Daniel García
820c8b0dce
Change use of deserialize_with for Option iterator 2019-02-08 19:12:08 +01:00
Daniel García
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query 2019-02-08 18:45:07 +01:00
Daniel García
ef63342e20
Add reset user config button 2019-02-06 17:34:32 +01:00
Daniel García
3db815b969
Implemented config form and fixed config priority 2019-02-06 17:34:30 +01:00
Daniel García
ade293cf52
Save config 2019-02-06 17:34:29 +01:00
Daniel García
877408b808
Implement basic config loading and updating. No save to file yet. 2019-02-06 17:34:29 +01:00
Daniel García
86ed75bf7c
Config can now be serialized / deserialized 2019-02-06 17:34:29 +01:00
Daniel García
20d8d800f3
Updated dependencies 2019-02-06 17:34:29 +01:00
Miroslav Prasil
637f655b6f Do not allocate uneccessary Vec 2019-02-05 14:16:07 +00:00
Miroslav Prasil
b3f7394c06 Do not update revision at the end, as we already did that 2019-02-05 14:09:59 +00:00
Miroslav Prasil
1a5ecd4d4a cipher does not need to be mutable 2019-02-05 13:52:30 +00:00
Miroslav Prasil
bd65c4e312 Remove superfluous cipher.save() call 2019-02-05 13:49:30 +00:00
BlackDex
9026cc8d42 Fixed issue when the iconlist is smaller then 5
When the iconlist was smaller then 5 items, it would cause a panic.
Solved by using .truncate() on the iconlist.
2019-02-04 17:27:40 +01:00
BlackDex
574b040142 Loop through the iconlist until an icon is found
Loop for a maximum of 5 times through the iconlist or until a
successful download of an icon.
2019-02-04 16:59:52 +01:00
BlackDex
c13f115473 Fixed issue #380
- Created a separate function for parsing the sizes attribute
 - Parsing sizes now with regex
 - Should work with any non-digit separator
2019-02-04 12:55:39 +01:00
BlackDex
bc461d9baa Some small changes on the iter of the cookies 2019-01-31 17:58:03 +01:00
BlackDex
5016e30cf2 Added cookies to the icon download request.
Some sites use XSRF Tokens, or other Tokens to verify a subseqense
response. The cookies which are sent during the page request are now
used when downloading the favicon.

A site which uses this is mijn.ing.nl.
2019-01-31 15:49:58 +01:00
Daniel García
2a60414031
Reuse the client between requests, and use the client when downloading the icons themselves 2019-01-29 21:21:26 +01:00
BlackDex
feb74a5e86 Changed the way to fix the href
- Using url from reqwest to fix href, this fixes:
   + "//domain.com/icon.png"
   + "relative/path/to/icon.png"
   + "/absolute/path/to/icon.png"
 - Removed fix_href function
 - Some variable changes
2019-01-29 18:08:23 +01:00
Daniel García
c0e350b734
Disable icon downloads, accept optional query after icon href, format and clippy fixes 2019-01-28 23:58:32 +01:00
Daniel García
bef1183c49
Only send one notification per vault import and purge, improve move ciphers functions 2019-01-28 00:39:14 +01:00
Daniel García
07388d327f
Merge pull request #370 from BlackDex/favicons
Added better favicon downloader.
2019-01-27 16:37:47 +01:00
BlackDex
4de16b2d17 Removed unwrap and added ? 2019-01-27 16:25:02 +01:00
BlackDex
da068a43c1 Moved function call to get_icon_url to prevent error bubbeling 2019-01-27 16:03:18 +01:00
BlackDex
9657463717 Added better favicon downloader. 2019-01-27 15:39:19 +01:00
Daniel García
69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page. 2019-01-26 19:28:54 +01:00
Daniel García
700e084101
Add 2FA icon to admin panel 2019-01-25 18:50:57 +01:00
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
2019-01-25 18:24:57 +01:00
Daniel García
86de0ca17b
Fix editing users from collections menu 2019-01-25 17:43:51 +01:00
Stephen White
928ad6c1d8 Fix the list of users with access to a collection to display correctly.
https://github.com/dani-garcia/bitwarden_rs/issues/364
2019-01-25 14:18:06 +00:00
Daniel García
bfd93e5b13
Show organizations in admin panel, implement reload templates option 2019-01-20 17:43:56 +01:00
Daniel García
a797459560
Implement HIBP check [WIP].
Add extra security attributes to admin cookie.
Error handling.
2019-01-20 15:36:33 +01:00
Daniel García
6cbb683f99
Rename admin templates to match email 2019-01-19 22:59:32 +01:00
Daniel García
92bbb98d48
Created base template 2019-01-19 22:12:52 +01:00
Daniel García
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:41:49 +01:00
Daniel García
e0aec8d373
Use new i64::to_be_bytes and remove byteorder dep
(https://doc.rust-lang.org/stable/std/primitive.i64.html#method.to_be_bytes)
2019-01-16 22:14:17 +01:00
Daniel García
1ce2587330
Correct update cipher order: first save cipher, then cipher-folder, then notify 2019-01-16 19:57:49 +01:00
Miroslav Prasil
71a10e0378 Fix sharing the item to organization. 2019-01-16 11:33:43 +00:00
Daniel García
9bf13b7872
Can't return inside multipart closure 2019-01-15 22:00:41 +01:00
Daniel García
d420992f8c
Update some function calls to use ? 2019-01-15 21:47:16 +01:00
Daniel García
c259a0e3e2
Save recovery code when using yubikey and stop repeating headers.user everywhere 2019-01-15 21:38:21 +01:00
Daniel García
432be274ba
Improve org mismatch check, consider different orgs 2019-01-15 17:31:03 +01:00
Daniel García
484bf5b703
Check that the client is not updating an outdated cipher, that should be part of an org now 2019-01-15 16:35:08 +01:00
Daniel García
4bf32af60e
Fix folder notifications, enable template strict mode and add missing option to env template 2019-01-15 15:28:47 +01:00
Daniel García
f571df7367
Revert yubikey feature, not needed anymore 2019-01-12 15:28:41 +01:00
Daniel García
1d7f704754
Send CipherUpdate when adding and deleting attachments 2019-01-11 01:12:54 +01:00
Daniel García
1d034749f7
Fix AArch64 build by disabling yubico 2019-01-10 23:54:01 +01:00
Daniel García
320266606e
Implement put collections 2019-01-08 20:27:28 +01:00
Daniel García
a0a08c4c5a
Include IP in invalid admin token error 2019-01-08 16:17:18 +01:00
Daniel García
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
Disallow users from accepting invitation twice
2019-01-08 15:42:26 +01:00
Daniel García
f1161c65fb
Make sure an invitation is created when reinviting 2019-01-08 14:05:05 +01:00
Daniel García
21b85b78b1
Changed reinvite check and removed obsolete comment 2019-01-07 15:29:57 +01:00
Daniel García
5e37471488
Merge pull request #323 from njfox/invite_accepted_email
Send email notifications when invitations are accepted/confirmed
2019-01-06 14:12:24 +01:00
Nick Fox
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-05 23:03:49 -05:00
Nick Fox
7db66f73f0
Refactor invited_by_email check 2019-01-05 13:46:45 -05:00
Nick Fox
cec28a85ac
Update admin page to work with new invitation flow 2019-01-04 10:32:51 -05:00
Daniel García
5f49ecd7f3
Updated dependencies to use u2f crate directly, and some style changes 2019-01-04 00:25:38 +01:00
Nick Fox
736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed 2019-01-02 22:20:39 -05:00
Daniel García
30e768613b
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Daniel García
adb8052689
Updated Error to implement Display and Debug, instead of using custom methods 2018-12-30 21:43:56 +01:00
Daniel García
acb9d1b3c6
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-30 21:43:56 +01:00
Daniel García
2bb0b15e04
Implemented better errors for JWT 2018-12-30 21:43:55 +01:00
Daniel García
250a2b340f
Use new Errors in latest changes 2018-12-30 21:43:55 +01:00
Daniel García
b2fc0499f6
Finish invite functionality, and remove virtual organization 2018-12-30 21:40:26 +01:00
Daniel García
6a99849a1e
Implemented proper error handling, now we can do user.save($conn)?; and it works.
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-30 21:31:12 +01:00
Daniel García
172f1770cf
Embed the icon in the binary, no need to download when it's not going to change 2018-12-30 21:31:12 +01:00
Daniel García
1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token. 2018-12-30 21:31:11 +01:00
Daniel García
5fecf09631
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123' 2018-12-30 21:31:11 +01:00
Nick Fox
f20c4705d9
Refactor invite claims and disallow reinvites to virtual_org 2018-12-30 00:19:01 -05:00
Nick Fox
3142d8d01f
Add more detail to invitation not found error 2018-12-29 23:28:19 -05:00
Nick Fox
84fa5a4ed6
Implement reinvite endpoint 2018-12-29 23:24:38 -05:00
Nick Fox
b0ac640d8b
Use JWT to validate existing user invites 2018-12-23 15:15:44 -05:00
Daniel García
2b24b17609
Merge pull request #295 from njfox/invite_emails
Add Email Invite Functionality
2018-12-21 16:04:19 +01:00
Nick Fox
2cd736ab81
Validate JWT if a user registers with SMTP invites enabled 2018-12-20 22:16:41 -05:00
Nick Fox
99256b9b3a
Prefix unused params with underscore 2018-12-20 21:37:03 -05:00
Nick Fox
26bf7bc12f
Use upstream jslib invite/registration workflow 2018-12-18 23:16:03 -05:00
Daniel García
b3ec8f2611
Merge pull request #302 from tycho/icon-cache-ttl
implement TTLs for icon cache
2018-12-18 23:34:16 +01:00
Steven Noonan
a55c048a62
icons: implement positive/negative cache TTLs
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
2018-12-18 13:33:32 -08:00
Daniel García
149e69414f
Merge pull request #293 from dheimerl/patch-1
Update web.rs
2018-12-18 19:00:43 +01:00
dheimerl
9a7d3634d5
Changed frame-ancestors to use 'self' 2018-12-18 10:19:35 -06:00
dheimerl
7f7c936049
Fixed web.rs 2018-12-17 22:59:53 -06:00
Nick Fox
9479108fb7
Remove CONFIG.email_invitations 2018-12-17 17:10:09 -05:00
Nick Fox
042c1072d9
Remove CONFIG.email_invitation option 2018-12-17 17:02:15 -05:00
Daniel García
5a9aab1a32
Implement fromform, and ignore case and underscores, fixes #298 2018-12-16 20:00:16 +01:00
dheimerl
037eb0b790
Update web.rs
Add frame-ancestors to allow U2F to work in Chrome (and possibly Firefox) extension
2018-12-15 13:23:07 -06:00
Nick Fox
4910b14d57
Implement email invitations and registration workflow 2018-12-14 21:56:00 -05:00
algebro
e26e2319da Close #264. Usernames and IP addresses are logged on successful authentication 2018-12-11 15:20:06 -05:00
Daniel García
7adc045b80
Updated IP logging to use client_ip, to match old remote behavior.
Improved error logging, now it won't show a generic error message in some situations.
Removed delete device, which is not needed as it will be overwritten later.
Logged more info when an error occurs saving a device.
Added orgmanager to JWT claims.
2018-12-09 17:58:38 +01:00
Daniel García
19754c967f
More changes to the push token, and filtered multipart logs 2018-12-07 18:25:18 +01:00
Daniel García
738ad2127b
Fixed some clippy linting issues 2018-12-07 15:01:29 +01:00
Daniel García
cb930a0858
Remove some required values during login, now uses default values 2018-12-07 14:32:40 +01:00
Daniel García
94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García
2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested) 2018-12-06 20:35:25 +01:00
Daniel García
dc1bb6de20
Update device push token methods to more closely follow the official server response 2018-12-06 16:28:36 +01:00
Daniel García
6364c05789
Fix attachments during key rotation, add individual attachment key 2018-11-27 17:24:12 +01:00
Daniel García
f71f10eac6
Implemented key rotation with the latest vault 2018-11-24 23:00:41 +01:00
Daniel García
f1acc1e05a
Merge branch 'master' into rocket-0.4 2018-11-21 15:35:34 +01:00
Daniel García
3d36ac4601
Remove unwrap in connection_lost 2018-11-21 15:07:18 +01:00
Daniel García
00abd4c853
Add create endpoint, fixes #253, fixes #261 2018-11-19 20:27:49 +01:00
Daniel García
a4550e51ea
Update dependencies and add /ciphers/create 2018-11-19 20:21:02 +01:00
Daniel García
5edbd0e952
Merge branch 'master' into rocket-0.4
# Conflicts:
#	Cargo.lock
#	Cargo.toml
#	src/api/core/mod.rs
2018-11-19 19:52:43 +01:00
Stepan Fedorko-Bartos
f344dbaad4 Fixes NFC Response for Mobile Login 2018-11-17 01:25:07 -07:00
Stepan Fedorko-Bartos
aba9c28226 Disable Yubikey 2FA if 0 Keys Provided 2018-11-16 12:07:00 -07:00
Stepan Fedorko-Bartos
82e2b8a8c0 Code style changes 2018-11-16 11:52:01 -07:00
Stepan Fedorko-Bartos
6d735806c0 Ensures Yubico Creds are set when opening Yubikey Modal 2018-11-15 18:58:44 -07:00
Stepan Fedorko-Bartos
2433d39df5 Allows Custom Yubico OTP Server 2018-11-15 18:54:53 -07:00
Stepan Fedorko-Bartos
9e0e4b13c5 Adds Yubikey OTP Support 2018-11-15 18:43:09 -07:00
Daniel García
f84cbeaaf8
Merge branch 'master' into rocket-0.4
# Conflicts:
#	src/db/models/organization.rs
2018-11-14 16:14:49 +01:00
Miroslav Prasil
b94f4db52a Fix #242 2018-11-13 15:34:37 +00:00
Miroslav Prasil
66a4c5d48b Implement comparison between i32 and UserOrgType 2018-11-12 17:13:25 +00:00
Daniel García
4638786507
Merge branch 'master' into rocket-0.4
# Conflicts:
#	src/api/core/mod.rs
2018-11-09 16:06:24 +01:00
Roman Hargrave
62bc58e145 Clean up after u2f endpoint split 2018-11-09 00:27:43 -06:00
Roman Hargrave
760e0ab805 Initial u2f fix 2018-11-09 00:00:31 -06:00