vaultwarden

Commit Graph

Author	SHA1	Message	Date
Jeremy Lin	c2a324e5da	Clean up domain whitelist logic * Make `SIGNUPS_DOMAINS_WHITELIST` override the `SIGNUPS_ALLOWED` setting. Otherwise, a common pitfall is to set `SIGNUPS_DOMAINS_WHITELIST` without realizing that `SIGNUPS_ALLOWED=false` must also be set. * Whitespace is now accepted in `SIGNUPS_DOMAINS_WHITELIST`. That is, `foo.com, bar.com` is now equivalent to `foo.com,bar.com`. * Add validation on `SIGNUPS_DOMAINS_WHITELIST`. For example, `foo.com,` is rejected as containing an empty token.	5 years ago
Daniel García	912e1f93b7	Fix some lints	5 years ago
tomuta	bd1e8be328	Implement change-email, email-verification, account-recovery, and welcome notifications	5 years ago
tomuta	64d6f72e6c	Add the ability to disable signups, but allow signups from a whitelist This feature can be enabled by setting SIGNUPS_ALLOWED=false and providing a comma-separated list of whitelisted domains in SIGNUPS_DOMAINS_WHITELIST. Fixes #727	5 years ago
Miro Prasil	00a11b1b78	Stop leaking usernames when SIGNUPS_ALLOWED=false This fixes #691 - respond in less specific way to not leak the fact that user is already registered on the server.	6 years ago
Emil Madsen	e22e290f67	Fix key and type variable names for mysql	6 years ago
Daniel García	6027b969f5	Delete old devices when deauthorizing user sessions	6 years ago
Daniel García	86ed75bf7c	Config can now be serialized / deserialized	6 years ago
Daniel García	a1dc47b826	Change config to thread-safe system, needed for a future config panel. Improved some two factor methods.	6 years ago
Daniel García	834c847746	Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template	6 years ago
Daniel García	4309df8334	Only create invitations when SMTP is disabled, and ignore invitations if we have a token. Disallow users from accepting invitation twice	6 years ago
Daniel García	5f49ecd7f3	Updated dependencies to use u2f crate directly, and some style changes	6 years ago
Daniel García	30e768613b	Start using rustfmt and some style changes to make some lines shorter	6 years ago
Daniel García	2bb0b15e04	Implemented better errors for JWT	6 years ago
Daniel García	250a2b340f	Use new Errors in latest changes	6 years ago
Daniel García	6a99849a1e	Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option.	6 years ago
Nick Fox	2cd736ab81	Validate JWT if a user registers with SMTP invites enabled	6 years ago
Nick Fox	26bf7bc12f	Use upstream jslib invite/registration workflow	6 years ago
Nick Fox	9479108fb7	Remove CONFIG.email_invitations	6 years ago
Nick Fox	4910b14d57	Implement email invitations and registration workflow	6 years ago
Daniel García	94810c106a	Migrate to rust 2018 edition	6 years ago
Daniel García	f71f10eac6	Implemented key rotation with the latest vault	6 years ago
Daniel García	c673370103	Updated bw_rs to Rocket version 0.4-rc1	7 years ago
janost	e985221b50	User::save() should return QueryResult instead of bool	7 years ago
janost	64f6c60bfd	Organization::save() and UserOrganization::save() should return QueryResult instead of bool	7 years ago
Miroslav Prasil	a28caa33ef	Implement poor man's admin panel	7 years ago
Daniel García	7112c86471	Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file	7 years ago
Daniel García	ebb66c374e	Implement KDF iterations change (Fixes #195 )	7 years ago
Miroslav Prasil	f7951b44ba	Add alias for DELETE call on accounts	7 years ago
Daniel García	b75ba216d1	Return default prelogin values when the user doesn't exist	7 years ago
Daniel García	8651df8c2a	Fixed some lint issues	7 years ago
Daniel García	3e1afb139c	Remove unnecessary return	7 years ago
Miroslav Prasil	c1cd4d9a6b	Modify User::new to be keyless and paswordless	7 years ago
Miroslav Prasil	ec05f14f5a	Implement poor man's invitation via Organization invitation	7 years ago
Jean-Christophe BEGUE	37d88be2be	return an error when email adress for password hint is not valid	7 years ago
Jean-Christophe BEGUE	1c641d7635	Special messages when user has no password hint	7 years ago
Jean-Christophe BEGUE	e2ab2f7306	Save None instead of empty password hint	7 years ago
Daniel García	8d1ee859f2	Implemented basic support for prelogin and notification negotiation	7 years ago
Jean-Christophe BEGUE	9e63985b28	Check email validity before using it for password hint sending	7 years ago
Miroslav Prasil	12a2dc0901	Add PUT alias for profile update	7 years ago
Jean-Christophe BEGUE	d68f57cbba	Fix password hint showing logic	7 years ago
Jean-Christophe BEGUE	812387e586	SMTP integration, send password hint by email.	7 years ago
Miroslav Prasil	58c1545707	Return revision date in miliseconds (fixes #127 )	7 years ago
Jean-Christophe BEGUE	d3b4b10d18	Add a explaination to the password hint message #85	7 years ago
Jean-Christophe BEGUE	c031ae9f2f	Make password hints available in the error message #85	7 years ago
Daniel García	1c45c2ec3a	Implemented API endpoints to modify profile name and hint, and to change email address, fixes #43	7 years ago
Daniel García	410ee9f1f7	Fixed case problems, hopefully this time for real	7 years ago
Daniel García	483066b9a0	Some style changes, removed useless matches and formats	7 years ago
Daniel García	2be1dafe80	Missed some	7 years ago
Daniel García	5ec728683e	Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time)	7 years ago

1 2

66 Commits (0de52c6c99737cb1ee0c33c138ccedd7ed955fd5)