Go to file
BlackDex 7cf8809d77 Adding Manager Role support
This has been requested a few times (#1136 & #246 & forum), and there already were two
(1:1 duplicate) PR's (#1222 & #1223) which needed some changes and no
followups or further comments unfortunally.

This PR adds two auth headers.
- ManagerHeaders
  Checks if the user-type is Manager or higher and if the manager is
part of that collection or not.
- ManagerHeadersLoose
  Check if the user-type is Manager or higher, but does not check if the
user is part of the collection, needed for a few features like
retreiving all the users of an org.

I think this is the safest way to implement this instead of having to
check this within every function which needs this manually.

Also some extra checks if a manager has access to all collections or
just a selection.

fixes #1136
2020-12-02 22:50:51 +01:00
.github Updated bug-report to note to update first 2020-10-11 15:58:31 +02:00
docker Remove some duplicate code in Dockerfile with the help of some variables 2020-10-11 17:27:15 +02:00
hooks Fixed building mysql, postgresql and sqlite3 for arm 2020-10-06 18:04:53 +02:00
migrations Transfer favorite status for user-owned ciphers 2020-08-22 17:14:05 -07:00
src Adding Manager Role support 2020-12-02 22:50:51 +01:00
tools Add a script to auto-generate the global equivalent domains JSON file 2020-08-06 12:12:32 -07:00
.dockerignore Change Dockerfiles to make the AMD image multidb 2020-08-24 20:58:00 +02:00
.env.template Updated email processing. 2020-11-18 12:07:08 +01:00
.gitignore Rename included .env file to .env.template and ignored .env 2019-01-06 22:50:30 +01:00
.hadolint.yaml add hadolint config file 2019-07-05 11:06:44 +02:00
.travis.yml Change CI to run tests 2019-11-30 23:32:31 +01:00
azure-pipelines.yml Updated the azure-pipelines.yml for multidb 2020-10-08 18:48:05 +02:00
build.rs Add support for multiple simultaneous database features by using macros. 2020-08-24 20:11:17 +02:00
Cargo.lock Updated email processing. 2020-11-18 12:07:08 +01:00
Cargo.toml Updated email processing. 2020-11-18 12:07:08 +01:00
diesel.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 2018-06-12 17:30:36 +02:00
Dockerfile Change Dockerfiles to make the AMD image multidb 2020-08-24 20:58:00 +02:00
LICENSE.txt Upload and download attachments, and added License file 2018-02-15 00:40:34 +01:00
README.md Updated sponsors 2020-10-03 20:48:02 +02:00
Rocket.toml Document configuration a bit and increase JSON size limit to 10MB 2018-06-29 23:11:15 +02:00
rust-toolchain Updated dependencies 2020-10-15 23:44:35 +02:00
rustfmt.toml Formatting 2019-12-27 18:37:14 +01:00

This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.


Travis Build Status Docker Pulls Dependency Status GitHub Release GPL-3.0 Licensed Matrix Chat

Image is based on Rust implementation of Bitwarden API.

This project is not associated with the Bitwarden project nor 8bit Solutions LLC.

⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.


Features

Basically full implementation of Bitwarden API is provided including:

  • Organizations support
  • Attachments
  • Vault API support
  • Serving the static files for Vault interface
  • Website icons API
  • Authenticator and U2F support
  • YubiKey and Duo support

Installation

Pull the docker image and mount a volume from the host for persistent storage:

docker pull bitwardenrs/server:latest
docker run -d --name bitwarden -v /bw-data/:/data/ -p 80:80 bitwardenrs/server:latest

This will preserve any persistent data under /bw-data/, you can adapt the path to whatever suits you.

IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault from HTTPS.

This can be configured in bitwarden_rs directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).

Usage

See the bitwarden_rs wiki for more information on how to configure and run the bitwarden_rs server.

Get in touch

To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use the forum.

If you spot any bugs or crashes with bitwarden_rs itself, please create an issue. Make sure there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #bitwarden_rs:matrix.org room on Matrix. Feel free to join us!

Sponsors

Thanks for your contribution to the project!