268 Commits

Author	SHA1	Message	Date
BlackDex	ebf40099f2	Updated authenticator TOTP ... - Added security check for previouse used codes - Allow TOTP codes with 1 step back and forward when there is a time drift. This means in total 3 codes could be valid. But only newer codes then the previouse used codes are excepted after that.	2019-10-10 17:32:20 +02:00
BlackDex	edc482c8ea	Changed HIBP Error message. ... - Moved the manual link to the check to the top. - Clearified that hibp is a payed service. - Changed error logo to hibp logo.	2019-10-08 22:29:12 +02:00
BlackDex	6e5c03cc78	Some modification when no HIBP API Key is set ... - Added an URL with the useraccount for manual check. - Added support for HTTP(S)_PROXY for hibp.	2019-10-08 21:39:11 +02:00
Daniel García	df8114f8be	Updated client kdf iterations to 100000 and fixed some lints	2019-09-05 21:56:12 +02:00
Daniel García	e3404dd322	Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values	2019-08-31 17:47:52 +02:00
Daniel García	bfc517ee80	Remove unused warning	2019-08-31 17:26:16 +02:00
Daniel García	4a7d2a1e28	Rename static files endpoint	2019-08-31 17:25:31 +02:00
vpl	5d50b1ee3c	Merge remote-tracking branch 'upstream/master' into email-codes	2019-08-26 21:38:45 +02:00
vpl	c99df1c310	Compare token using crypto::ct_eq	2019-08-26 20:26:59 +02:00
vpl	591ae10144	Get token from single u64	2019-08-26 20:26:54 +02:00
Daniel García	026f9da035	Allow removing users two factors	2019-08-21 17:13:06 +02:00
Daniel García	515b87755a	Update HIBP to v3, requires paid API key, fixes #583	2019-08-20 20:07:12 +02:00
vpl	ad2225b6e5	Add configuration options for Email 2FA	2019-08-10 22:39:04 +02:00
vpl	5609103a97	Use ring to generate email token	2019-08-06 22:38:08 +02:00
vpl	6d460b44b0	Use saved token for email 2fa codes	2019-08-04 17:21:57 +02:00
vpl	efd8d9f528	Remove some unused imports, unneeded mut variables	2019-08-04 16:56:41 +02:00
vpl	29aedd388e	Add email code logic and move two_factor into separate modules	2019-08-04 16:56:41 +02:00
Daniel García	05a1137828	Move backend checks to build.rs to fail fast, and updated dependencies	2019-07-09 17:26:34 +02:00
Emil Madsen	e22e290f67	Fix key and type variable names for mysql	2019-05-20 21:24:29 +02:00
Daniel García	874f5c34bd	Formatting	2019-04-26 22:08:26 +02:00
Daniel García	253faaf023	Use users duo host when required, instead of always using the global one	2019-04-15 13:07:23 +02:00
Daniel García	3d843a6a51	Merge pull request #460 from janost/organization-vault-purge ... Fixed purging organization vault	2019-04-14 22:30:51 +02:00
janost	03fdf36bf9	Fixed purging organization vault	2019-04-14 22:12:48 +02:00
Daniel García	fdcc32beda	Validate Duo credentials when custom	2019-04-14 22:05:05 +02:00
Daniel García	8d9827c55f	Implement selection between global config and user settings for duo keys.	2019-04-11 18:40:03 +02:00
Daniel García	cad63f9761	Auto generate akey	2019-04-11 16:08:26 +02:00
Daniel García	621f607297	Update dependencies and fix some warnings	2019-04-11 15:40:19 +02:00
Daniel García	754087b990	Add global duo config and document options in .env template	2019-04-07 18:58:15 +02:00
Daniel García	cfbeb56371	Implement user duo, initial version ... TODO: - At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting. - Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.	2019-04-05 22:09:53 +02:00
Daniel García	61515160a7	Allow changing error codes and create an empty error. ... Return 404 instead of 400 when no accounts breached.	2019-03-14 00:17:36 +01:00
Daniel García	04922f6aa0	Some formatting and dependency updates	2019-03-03 16:11:55 +01:00
Daniel García	7d2bc9e162	Added option to force 2fa at logins and made some changes to two factor code. ... Added newlines to config options to keep them a reasonable length.	2019-03-03 16:09:15 +01:00
Daniel García	10756b0920	Update dependencies and fix some lints	2019-02-27 17:21:04 +01:00
Дамјан Георгиевски	473f8b8e31	remove some unneeded mutability	2019-02-22 20:25:50 +01:00
Daniel García	5ee04e31e5	Updated dependencies, removed some unnecessary clones and fixed some lints	2019-02-20 17:54:18 +01:00
Daniel García	a744b9437a	Implemented multiple U2f keys, key names, and compromised checks	2019-02-16 23:07:48 +01:00
Daniel García	6027b969f5	Delete old devices when deauthorizing user sessions	2019-02-16 23:06:26 +01:00
Daniel García	93805a5d7b	Fix Yubikeys deleted on error	2019-02-16 21:30:55 +01:00
Daniel García	820c8b0dce	Change use of deserialize_with for Option iterator	2019-02-08 19:12:08 +01:00
Daniel García	8b4a6f2a64	Fixed some clippy lints and changed update_uuid_revision to only use one db query	2019-02-08 18:45:07 +01:00
Daniel García	86ed75bf7c	Config can now be serialized / deserialized	2019-02-06 17:34:29 +01:00
Daniel García	20d8d800f3	Updated dependencies	2019-02-06 17:34:29 +01:00
Miroslav Prasil	637f655b6f	Do not allocate uneccessary Vec	2019-02-05 14:16:07 +00:00
Miroslav Prasil	b3f7394c06	Do not update revision at the end, as we already did that	2019-02-05 14:09:59 +00:00
Miroslav Prasil	1a5ecd4d4a	cipher does not need to be mutable	2019-02-05 13:52:30 +00:00
Miroslav Prasil	bd65c4e312	Remove superfluous cipher.save() call	2019-02-05 13:49:30 +00:00
Daniel García	bef1183c49	Only send one notification per vault import and purge, improve move ciphers functions	2019-01-28 00:39:14 +01:00
Daniel García	a1dc47b826	Change config to thread-safe system, needed for a future config panel. ... Improved some two factor methods.	2019-01-25 18:24:57 +01:00
Daniel García	86de0ca17b	Fix editing users from collections menu	2019-01-25 17:43:51 +01:00
Stephen White	928ad6c1d8	Fix the list of users with access to a collection to display correctly. ... https://github.com/dani-garcia/bitwarden_rs/issues/364	2019-01-25 14:18:06 +00:00