BlockListed
1 year ago
No known key found for this signature in database
GPG Key ID: 2D204777C477B588
4 changed files with
13 additions and
17 deletions
-
src/api/admin.rs
-
src/api/core/sends.rs
-
src/api/core/two_factor/webauthn.rs
-
src/api/identity.rs
|
|
@ -98,10 +98,6 @@ const BASE_TEMPLATE: &str = "admin/base"; |
|
|
|
|
|
|
|
const ACTING_ADMIN_USER: &str = "vaultwarden-admin-00000-000000000000"; |
|
|
|
|
|
|
|
fn admin_path() -> String { |
|
|
|
ADMIN_PATH.to_string() |
|
|
|
} |
|
|
|
|
|
|
|
#[derive(Debug)] |
|
|
|
struct IpHeader(Option<String>); |
|
|
|
|
|
|
@ -132,7 +128,6 @@ fn admin_url(origin: &str) -> String { |
|
|
|
format!("{}{}", origin, admin_path()) |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
#[derive(Responder)] |
|
|
|
enum AdminResponse { |
|
|
|
#[response(status = 200)] |
|
|
|
|
|
@ -9,9 +9,7 @@ use rocket::serde::json::Json; |
|
|
|
use serde_json::Value; |
|
|
|
|
|
|
|
use crate::{ |
|
|
|
api::{ApiResult, EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, UpdateType}, |
|
|
|
auth::{ClientIp, Headers, HostInfo}, |
|
|
|
api::{ApiResult, EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, UpdateType}, |
|
|
|
api::{ApiResult, EmptyResult, JsonResult, JsonUpcase, Notify, UpdateType}, |
|
|
|
auth::{ClientIp, Headers, HostInfo}, |
|
|
|
db::{models::*, DbConn, DbPool}, |
|
|
|
util::{NumberOrString, SafeString}, |
|
|
|
|
|
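--- a/src/api/core/two_factor/webauthn.rs
+++ b/src/api/core/two_factor/webauthn.rs
@@ -141,14 +141,15 @@ async fn generate_webauthn_challenge(
 .map(|r| r.credential.cred_id) // We return the credentialIds to the clients to avoid double registering
 .collect();
 
-let (challenge, state) = WebauthnConfig::load(&host_info.base_url, &host_info.origin).generate_challenge_register_options(
-user.uuid.as_bytes().to_vec(),
-user.email,
-user.name,
-Some(registrations),
-None,
-None,
-)?;
+let (challenge, state) = WebauthnConfig::load(&host_info.base_url, &host_info.origin)
+.generate_challenge_register_options(
+user.uuid.as_bytes().to_vec(),
+user.email,
+user.name,
+Some(registrations),
+None,
+None,
+)?;
 
 let type_ = TwoFactorType::WebauthnRegisterChallenge;
 TwoFactor::new(user.uuid, type_, serde_json::to_string(&state)?).save(&mut conn).await?;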
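--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -524,7 +524,9 @@ async fn twofactor_auth(
 Some(TwoFactorType::Authenticator) => {
 authenticator::validate_totp_code_str(&user.uuid, twofactor_code, &selected_data?, ip, conn).await?
 }
-Some(TwoFactorType::Webauthn) => webauthn::validate_webauthn_login(&user.uuid, twofactor_code, base_url, origin, conn).await?,
+Some(TwoFactorType::Webauthn) => {
+webauthn::validate_webauthn_login(&user.uuid, twofactor_code, base_url, origin, conn).await?
+}
 Some(TwoFactorType::YubiKey) => yubikey::validate_yubikey_login(twofactor_code, &selected_data?).await?,
 Some(TwoFactorType::Duo) => {
 duo::validate_duo_login(data.username.as_ref().unwrap().trim(), twofactor_code, conn).await?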