Commit Graph

240 Commits

Author SHA1 Message Date
Daniel García
9eaa9c1a17
Add WEBSOCKET_ADDRESS config option (Fixes #199) 2018-09-28 13:50:04 +02:00
Daniel García
3df31e3464
Temp fix for OpenSSL 1.1.1 compatibility 2018-09-19 21:45:50 +02:00
Daniel García
ebb66c374e
Implement KDF iterations change (Fixes #195) 2018-09-19 17:30:14 +02:00
Miroslav Prasil
f7951b44ba Add alias for DELETE call on accounts 2018-09-18 11:13:45 +01:00
Daniel García
b75ba216d1
Return default prelogin values when the user doesn't exist 2018-09-13 23:04:52 +02:00
Daniel García
8651df8c2a
Fixed some lint issues 2018-09-13 21:55:23 +02:00
Daniel García
948554a20f
Added config option for websocket port, and reworked the config parsing a bit.
Added SMTP_FROM config to examples and made it mandatory, it doesn't make much sense to not specify the from address.
2018-09-13 20:59:51 +02:00
Daniel García
928e2424c0
Updated dependencies and fixed errors 2018-09-13 16:05:13 +02:00
Daniel García
a01fee0b9f
Merge branch 'ws'
# Conflicts:
#	Cargo.toml
#	src/api/core/ciphers.rs
#	src/main.rs
2018-09-13 15:59:45 +02:00
Daniel García
f397f0cbd0
Implement organization import for admins and owners (Fixes #178) 2018-09-13 15:16:24 +02:00
Daniel García
3e1afb139c
Remove unnecessary return 2018-09-12 23:58:02 +02:00
Daniel García
d66d4fd87f Add error message when the proxy doesn't route websockets correctly 2018-09-11 17:09:33 +02:00
Daniel García
1b20a25514
Merge pull request #173 from mprasil/poormans_invites
Implement poor man's invitation via Organization invitation
2018-09-11 16:48:56 +02:00
Miroslav Prasil
c1cd4d9a6b Modify User::new to be keyless and paswordless 2018-09-11 14:25:12 +01:00
Daniel García
b63693aefb
Merge pull request #137 from stammw/master
SMTP implementation, along with password HINT email
2018-09-11 14:58:09 +02:00
Miroslav Prasil
ec05f14f5a Implement poor man's invitation via Organization invitation 2018-09-11 13:09:59 +01:00
Jean-Christophe BEGUE
37d88be2be return an error when email adress for password hint is not valid 2018-09-11 13:12:24 +02:00
Jean-Christophe BEGUE
1c641d7635 Special messages when user has no password hint 2018-09-11 13:04:34 +02:00
Jean-Christophe BEGUE
e2ab2f7306 Save None instead of empty password hint 2018-09-11 13:00:59 +02:00
Daniel García
69dcbdd3b2 Merge branch 'master' into ws 2018-09-04 17:46:38 +02:00
Miroslav Prasil
c58682e3fb Fix the logic in user edditing 2018-09-04 16:10:26 +01:00
Miroslav Prasil
db111ae2a0 Check properly the user membership in Organization 2018-09-04 13:37:44 +01:00
Miroslav Prasil
049aa33f17 Fix editing users in Organization 2018-09-04 12:15:46 +01:00
Shane A. Faulkner
d8e5e53273 Add notifications for cipher delete and create 2018-09-01 10:59:13 -05:00
Shane A. Faulkner
b6502e9e9d Add support for CipherUpdate notifications 2018-08-31 23:30:53 -05:00
Daniel García
d70864ac73 Initial version of websockets notification support.
For now only folder notifications are sent (create, rename, delete).
The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested.

The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy.

My testing is done with Caddy server, and the following config:

```
localhost {

    # The negotiation endpoint is also proxied to Rocket
    proxy /notifications/hub/negotiate 0.0.0.0:8000 {
        transparent
    }

    # Notifications redirected to the websockets server
    proxy /notifications/hub 0.0.0.0:3012 {
        websocket
    }

    # Proxy the Root directory to Rocket
    proxy / 0.0.0.0:8000 {
        transparent
    }
}
```

This exposes the service in port 2015.
2018-08-30 17:58:53 +02:00
Miroslav Prasil
d336d89b83 Fix editing shared cipher (fixes #164) 2018-08-30 11:12:29 +01:00
Baelyk
fe473b9e75 Attachment::save() returns Result instead of bool (#161)
Returning a result instead of a bool as per #6
2018-08-29 15:22:19 +02:00
mprasil
062ae4dd59 Allow non-Admin user to share to collection (fixes #157) (#159)
* Allow non-Admin user to share to collection (fixes #157)

* Better handling of collection sharing
2018-08-29 15:22:03 +02:00
mprasil
3cfdf9b585 Add DELETE handlers fo cipher and attachment deletion (fixes #158) (#160) 2018-08-29 00:48:53 +02:00
Kumar Ankur
781056152a Support password history #155 (#156)
* Password History Support (#155)

* down.sql logic not required as per review comments
2018-08-27 23:08:58 +02:00
Baelyk
c386b3bcf7 Add IP and Username to failed login attempts
Resolves #119
2018-08-25 17:07:59 -05:00
Daniel García
8d1ee859f2 Implemented basic support for prelogin and notification negotiation 2018-08-24 19:02:34 +02:00
Miroslav Prasil
2b2401be19 Update affected users revision on cipher and folder change 2018-08-21 17:32:00 +01:00
Miroslav Prasil
9eea0151ba Update user revision timestamp on Organization changes 2018-08-21 13:26:22 +01:00
Miroslav Prasil
40d09ddd2a Add PUT alias for Organization updates 2018-08-21 13:25:52 +01:00
Daniel García
d332e87655
Merge pull request #144 from mprasil/collection_revision
Update affected users revision when there are collection changes
2018-08-21 13:47:19 +02:00
Miroslav Prasil
a5ef8aef0f Update affected users revision when there are collection changes 2018-08-21 12:20:55 +01:00
Miroslav Prasil
4fb09c5b4d Actually update the revision date for user struct, not just in DB 2018-08-21 10:36:04 +01:00
Jean-Christophe BEGUE
9e63985b28 Check email validity before using it for password hint sending 2018-08-16 21:25:28 +02:00
Daniel García
6fdeeb56ce
Merge pull request #140 from mprasil/error_format
Update the error format to show message in new Vault
2018-08-16 00:52:46 +02:00
Daniel García
b002d34cd4
Merge pull request #139 from mprasil/edit_shared_fix
Add PUT alias for editing cipher
2018-08-15 23:02:59 +02:00
Jean-Christophe BEGUE
401aa7c699 make SMTP authentication optionnal, let lettre pick the better auth mechanism 2018-08-15 17:21:19 +02:00
Miroslav Prasil
12a2dc0901 Add PUT alias for profile update 2018-08-15 16:10:40 +01:00
Miroslav Prasil
b3f3fd81ac Update theerror format to show message in new Vault 2018-08-15 15:50:07 +01:00
Miroslav Prasil
f2fec345ec Add PUT alias for editing cipher 2018-08-15 14:27:37 +01:00
Jean-Christophe BEGUE
d68f57cbba Fix password hint showing logic 2018-08-15 14:08:00 +02:00
Jean-Christophe BEGUE
19e0605d30 Better message into the password hint email 2018-08-15 10:17:05 +02:00
Jean-Christophe BEGUE
812387e586 SMTP integration, send password hint by email. 2018-08-15 08:45:18 +02:00
Miroslav Prasil
00b882935f Deserialize "null" to empty Vec for Collections 2018-08-14 11:06:42 +01:00
Miroslav Prasil
0dfd9c7670 Add couple more aliases for PUTs and DELETEs 2018-08-13 16:45:30 +01:00
Miroslav Prasil
6ede1743ac add alias for PUT collections-admin 2018-08-13 16:00:10 +01:00
Daniel García
d3f357b708 Implemented PUT for u2f registration 2018-08-13 15:26:01 +02:00
Daniel García
16056626b0
Merge pull request #131 from mprasil/revision_date
Implement update_revision trigger
2018-08-13 14:38:30 +02:00
Jean-Christophe BEGUE
f7ffb81d9e SMTP configuration parsing and checking 2018-08-13 13:46:32 +02:00
Miroslav Prasil
626a3c93ba Revert "Merge branch 'beta' of https://github.com/krankur/bitwarden_rs into beta"
This reverts commit 3fd3d8d5e9.
2018-08-13 12:35:41 +01:00
Miroslav Prasil
3f5a99916a Implement update_revision trigger 2018-08-13 10:58:39 +01:00
Miroslav Prasil
b5a057f063 Merge branch 'master' into beta 2018-08-10 21:43:16 +01:00
Kumar Ankur
3fd3d8d5e9 Merge branch 'beta' of https://github.com/krankur/bitwarden_rs into beta 2018-08-10 23:49:34 +05:30
Kumar Ankur
5f6d721c09 Implemented PUT for /two-factor/authenticator and /two-factor/disable 2018-08-10 23:20:19 +05:30
Kumar Ankur
ddda86b90d Implemented bulk cipher share (share selected) #100 2018-08-10 23:20:19 +05:30
Daniel García
c6256e1455
Merge pull request #128 from mprasil/revision_date
Return revision date in miliseconds (fixes #127)
2018-08-10 19:40:56 +02:00
Miroslav Prasil
58c1545707 Return revision date in miliseconds (fixes #127) 2018-08-10 17:18:59 +01:00
Jean-Christophe BEGUE
d3b4b10d18 Add a explaination to the password hint message #85 2018-08-10 16:59:23 +02:00
Jean-Christophe BEGUE
c031ae9f2f Make password hints available in the error message #85 2018-08-10 15:52:06 +02:00
Kumar Ankur
aac1304b46 clean up 2018-08-03 19:31:01 +05:30
Kumar Ankur
7dfc759691 Implmeneted DELETE on 'api/ciphers' to delete selected ciphers (#98) 2018-08-03 19:23:38 +05:30
Kumar Ankur
74e2ca81ae Implemented PUT for single cipher sharing (#97) 2018-08-02 00:07:14 +05:30
Miroslav Prasil
b163aeb8ca Merge changes in master to beta branch (concurrency fixes) 2018-08-01 11:37:42 +01:00
Kumar Ankur
0e095a9fa4 change to reuse the logic for POST in PUT as well 2018-08-01 13:50:52 +05:30
Kumar Ankur
2f6aa3c363 Reverting removal of 'api/ciphers/move' POST as it is required for backward compatibility 2018-08-01 11:21:05 +05:30
Kumar Ankur
fcc485384f clean up 2018-08-01 04:12:46 +05:30
Kumar Ankur
91a2319325 Implementing PUT for ciphers/move (#99) 2018-08-01 03:58:47 +05:30
Shane A. Faulkner
34d2648509
Merge pull request #3 from shauder/master
Sync working branch with changes in master upstream
2018-07-31 12:05:52 -05:00
Miroslav Prasil
2872f40d13 WAL journal mode and delete retry added 2018-07-31 16:43:43 +01:00
Daniel García
a291dea16f Updated dependencies and Docker image to new web-vault 2018-07-21 17:27:00 +02:00
Shane A. Faulkner
98bae4a0a1 Cleanup and working with 2 or less attachments 2018-07-18 15:35:45 -05:00
Miroslav Prasil
233d23a527 Return 404 in case the path doesn't match instead of 500 2018-07-18 11:54:33 +01:00
Miroslav Prasil
de72655bb1 Add confirmed check to the OrgHeaders request guard 2018-07-16 10:23:45 +01:00
Shane A. Faulkner
31349a47d3 Very dirty addition of missing api's 2018-07-14 01:09:20 -05:00
Miroslav Prasil
692ed81306 Do not show organization stuff to not accepted user 2018-07-13 17:21:19 +01:00
Daniel García
819622e310 Documented U2F, removed debug prints, and documented missing features 2018-07-13 15:58:50 +02:00
Daniel García
970863ffb1 Set facets contentType 2018-07-13 15:05:00 +02:00
Daniel García
75615bb5c8 Ignore U2F challenge if not provided. Also checked that error_code has to be 0 for a successfull registration 2018-07-13 12:37:46 +02:00
Daniel García
6378d96d1a Add some extra debug prints 2018-07-13 11:07:20 +02:00
Daniel García
c722256cbd Remove debug print 2018-07-13 00:40:59 +02:00
Daniel García
8ff50481e5 Use X-Forwarded-Host if available 2018-07-13 00:33:28 +02:00
Daniel García
be4e6c6f0c Merge branch 'master' into u2f 2018-07-12 23:54:56 +02:00
Daniel García
2f892cb866 Hide org ciphers from unconfirmed users (Showed deciption error) 2018-07-12 23:45:41 +02:00
Daniel García
4f6f510bd4 Improve domain detection, should fix attachment problems. Otherwise, set the DOMAIN env variable to the correct domain 2018-07-12 23:28:16 +02:00
Daniel García
dae92b9018 Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 22:22:10 +02:00
Daniel García
1cb67eee69 Implement leave organization (accessed from the bottom of the user's settings page) 2018-07-11 16:30:03 +02:00
Daniel García
e88d8c856d Change host url to https when it's enabled, should fix some problems downloading attachments 2018-07-11 16:23:39 +02:00
Daniel García
df598d7208 Log posible errors when attaching file 2018-07-06 17:23:12 +02:00
Daniel García
35b4ad69bd Remove unused warnings 2018-07-04 14:27:47 +02:00
Daniel García
22786c8c9d
Merge pull request #55 from mprasil/debug_prints
Remove some extra debug prints
2018-07-01 16:02:18 +02:00
Daniel García
a1ffa4c28d Allow TOTP generation in organizations (Fixes #50) 2018-07-01 15:49:52 +02:00
Miroslav Prasil
9f8183deb0 Remove some extra debug prints 2018-07-01 14:48:18 +01:00
Daniel García
ea600ab2b8 Don't ignore errors while downloading icons 2018-07-01 15:27:42 +02:00
Miroslav Prasil
d84d8d756f Implement delete-admin call 2018-07-01 12:43:11 +01:00