bd1e8be328
Implement change-email, email-verification, account-recovery, and welcome notifications
6 years ago
ebf40099f2
Updated authenticator TOTP
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
6 years ago
4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
Removed unnecessary returns
6 years ago
f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246 .
This includes migrations as well as Dockerfile's for amd64.
The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
6 years ago
df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
6 years ago
6d460b44b0
Use saved token for email 2fa codes
6 years ago
29aedd388e
Add email code logic and move two_factor into separate modules
6 years ago
76f38621de
Update dependencies and remove unwraps from Cipher::to_json
6 years ago
e22e290f67
Fix key and type variable names for mysql
6 years ago
ab95a69dc8
Rework migrations for MySQL
6 years ago
0136c793b4
Implement better user status API, in the future we'll probably want a way to disable users.
We should migrate from the empty password hash to a separate column then.
6 years ago
621f607297
Update dependencies and fix some warnings
6 years ago
43f9038325
Add option to force resync clients in admin panel
6 years ago
7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code.
Added newlines to config options to keep them a reasonable length.
6 years ago
473f8b8e31
remove some unneeded mutability
6 years ago
9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens
6 years ago
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query
6 years ago
08ca47cadb
Update revision when adding or removing cipher from collection
6 years ago
5272b465cc
Update revision of affected users when deleting Collection
6 years ago
bce656c787
Retry updating revision - fixes #383
6 years ago
bef1183c49
Only send one notification per vault import and purge, improve move ciphers functions
6 years ago
69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page.
6 years ago
700e084101
Add 2FA icon to admin panel
6 years ago
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
6 years ago
86de0ca17b
Fix editing users from collections menu
6 years ago
fc0e239bdf
No point calling find_by_uuid now we don't use the result.
6 years ago
928ad6c1d8
Fix the list of users with access to a collection to display correctly.
https://github.com/dani-garcia/bitwarden_rs/issues/364
6 years ago
ddd49596ba
Fix invite empty email
6 years ago
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
6 years ago
6f52104324
Fix casing error in Attachment, should fix 'Attachment doesn't exist' errors
6 years ago
30e768613b
Start using rustfmt and some style changes to make some lines shorter
6 years ago
acb9d1b3c6
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally
6 years ago
b2fc0499f6
Finish invite functionality, and remove virtual organization
6 years ago
6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
6 years ago
1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
6 years ago
e7ea5097f4
Restrict join on users_collections to current user ( fixes #313 )
6 years ago
8451a70de6
Rewrite find_by_user_uuid to use one query
6 years ago
4e827e4f8a
Implement better retry and use it while saving device
6 years ago
7adc045b80
Updated IP logging to use client_ip, to match old remote behavior.
Improved error logging, now it won't show a generic error message in some situations.
Removed delete device, which is not needed as it will be overwritten later.
Logged more info when an error occurs saving a device.
Added orgmanager to JWT claims.
6 years ago
738ad2127b
Fixed some clippy linting issues
7 years ago
cb930a0858
Remove some required values during login, now uses default values
7 years ago
94810c106a
Migrate to rust 2018 edition
7 years ago
2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
7 years ago
6364c05789
Fix attachments during key rotation, add individual attachment key
7 years ago
f71f10eac6
Implemented key rotation with the latest vault
7 years ago
044cf19913
Prevent accepted user from seeing ciphers until confirmed ( fixes #196 )
7 years ago
dd684753d0
Fix gt()
7 years ago
f3e6cc6ffd
Set PartialOrd to consider invalid i32 UserOrgType lower than anything
7 years ago
66a4c5d48b
Implement comparison between i32 and UserOrgType
7 years ago
c673370103
Updated bw_rs to Rocket version 0.4-rc1
7 years ago
tomuta
BlackDex
Daniel García
Michael Powers
vpl
Emil Madsen
Дамјан Георгиевски
Miroslav Prasil
Stephen White
Andreas Schneider