Tree: 3968bc8016

main

non_editable

register_verify_email

test_dylint

0.10.0

0.11.0

0.12.0

0.13.0

0.9.0

1.0.0

1.1.0

1.10.0

1.11.0

1.12.0

1.13.0

1.13.1

1.14

1.14.1

1.14.2

1.15.0

1.15.1

1.16.0

1.16.1

1.16.2

1.16.3

1.17.0

1.18.0

1.19.0

1.2.0

1.20.0

1.21.0

1.22.0

1.22.1

1.22.2

1.23.0

1.23.1

1.24.0

1.25.0

1.25.1

1.25.2

1.26.0

1.27.0

1.28.0

1.28.1

1.29.0

1.29.1

1.29.2

1.3.0

1.30.0

1.30.1

1.30.2

1.30.3

1.30.4

1.30.5

1.31.0

1.32.0

1.32.1

1.32.2

1.32.3

1.32.4

1.32.5

1.32.6

1.32.7

1.33.0

1.33.1

1.33.2

1.4.0

1.5.0

1.6.0

1.6.1

1.7.0

1.8.0

1.9.0

1.9.1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '3968bc8016'

${ noResults }

Commit Graph

374 Commits (3968bc8016611cdf9a84db68990f27624ab17889)

Author	SHA1	Message	Date
BlackDex	9a47821642	Fixed creating a new organization - The new web-vault needs a new api endpoint. - Added this new endpoint. Fixes #1139	4 years ago
Jeremy Lin	4c3b328aca	Hide ciphers from non-selected collections for org owners/admins If org owners/admins set their org access to only include selected collections, then ciphers from non-selected collections shouldn't appear in "My Vault". This matches the upstream behavior.	5 years ago
Jeremy Lin	f83a8a36d1	Track favorites on a per-user basis Currently, favorites are tracked at the cipher level. For org-owned ciphers, this means that if one user sets it as a favorite, it automatically becomes a favorite for all other users that the cipher has been shared with.	5 years ago
Jeremy Lin	570d6c8bf9	Add support for restricting org creation to certain users	5 years ago
Jeremy Lin	a846f6c610	Fix soft delete notifications A soft-deleted entry should now show up in the trash folder immediately (previously, an extra sync was required).	5 years ago
Daniel García	668d5c23dc	Removed try_trait and some formatting, particularly around imports	5 years ago
Jeremy Lin	979d010dc2	Add support for hiding passwords in a collection Ref: https://github.com/bitwarden/server/pull/743	5 years ago
BlackDex	24c914799d	Fixes #1022 cloning with attachments When a cipher has one or more attachments it wasn't able to be cloned. This commit fixes that issue.	5 years ago
Jeremy Lin	a314933557	Allow email changes for existing accounts even when signups are disabled	5 years ago
Daniel García	0807783388	Add ip on totp miss	5 years ago
theycallmesteve	5571a5d8ed	Update post_keys to return a keys response model	5 years ago
theycallmesteve	6a8c65493f	Rename collection_user_details to collection_read_only to reflect the response model	5 years ago
theycallmesteve	dfdf4473ea	Rename to_json_list to to_json_provder to reflect the response model	5 years ago
theycallmesteve	632f4d5453	Whitespace fixes	5 years ago
Daniel García	9cca64003a	Remove unused dependency and simple feature, update dependencies and fix some clippy lints	5 years ago
Daniel García	e3b00b59a7	Initial support for soft deletes	5 years ago
Jeremy Lin	e4d08836e2	Make org owner invitations respect the email domain whitelist This closes a loophole where org owners can invite new users from any domain.	5 years ago
Jeremy Lin	c2a324e5da	Clean up domain whitelist logic * Make `SIGNUPS_DOMAINS_WHITELIST` override the `SIGNUPS_ALLOWED` setting. Otherwise, a common pitfall is to set `SIGNUPS_DOMAINS_WHITELIST` without realizing that `SIGNUPS_ALLOWED=false` must also be set. * Whitespace is now accepted in `SIGNUPS_DOMAINS_WHITELIST`. That is, `foo.com, bar.com` is now equivalent to `foo.com,bar.com`. * Add validation on `SIGNUPS_DOMAINS_WHITELIST`. For example, `foo.com,` is rejected as containing an empty token.	5 years ago
Jeremy Lin	6cd8512bbd	Fix Duo auth failure with non-lowercased email addresses	5 years ago
Jeremy Lin	7407b8326a	Fix attachment size limit calculation The config values (in KB) need to be converted to bytes when comparing against total attachment sizes.	5 years ago
Daniel García	94341f9f3f	Fix token error while accepting invite	5 years ago
Daniel García	2ee07ea1d8	Fix empty data when cloning cipher	5 years ago
BlackDex	1b4b40c95d	Updated reqwest to the latest version. - Use the blocking client (no async). - Disabled gzip. - use_sys_proxy is now default.	5 years ago
Daniel García	a30d5f4cf9	Fix cloning issues	5 years ago
Daniel García	3fa78e7bb1	Initial version of policies	5 years ago
Daniel García	70f3ab8ec3	Migrate lazy_static to once_cell, less macro magic and slightly faster	5 years ago
Jeremy Lin	29a0795219	Add backend support for alternate base dir (subdir/subpath) hosting To use this, include a path in the `DOMAIN` URL, e.g.: * `DOMAIN=https://example.com/custom-path` * `DOMAIN=https://example.com/multiple/levels/are/ok`	5 years ago
Daniel García	325039c316	Attachment size limits, per-user and per-organization	5 years ago
Daniel García	f5916ec396	Fix backwards indices	5 years ago
Daniel García	def174a517	Convert email domains to punycode	5 years ago
Daniel García	84ed185579	Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates. The rust image doesn't need installing curl or tar, so removed. Also collapsed ENV lines.	5 years ago
Daniel García	e274af6e3d	Print current server time when failing TOTP, and use chrono as the rest of the server	5 years ago
Daniel García	a0ece3754b	Formatting	5 years ago
Daniel García	912e1f93b7	Fix some lints	5 years ago
Daniel García	adc443ea80	Add endpoint to delete specific U2F key	5 years ago
Daniel García	12928b832c	Fix broken tests	5 years ago
tomuta	bd1e8be328	Implement change-email, email-verification, account-recovery, and welcome notifications	5 years ago
tomuta	64d6f72e6c	Add the ability to disable signups, but allow signups from a whitelist This feature can be enabled by setting SIGNUPS_ALLOWED=false and providing a comma-separated list of whitelisted domains in SIGNUPS_DOMAINS_WHITELIST. Fixes #727	5 years ago
BlackDex	3f6809bcdf	Fixed issue/request #705 Added a config option to disable time drifted totp codes. Default is false, since this is what the RFC recommends.	5 years ago
Patrick Li	85dbf4e16c	Don't include excluded global equivalent domains during sync Fixes #681	5 years ago
Daniel García	e449912f05	Generate recovery codes for email and duo	5 years ago
Daniel García	d29b6bee28	Remove unnecessary clones and other clippy fixes	5 years ago
Miro Prasil	00a11b1b78	Stop leaking usernames when SIGNUPS_ALLOWED=false This fixes #691 - respond in less specific way to not leak the fact that user is already registered on the server.	5 years ago
vpl	2edecf34ff	Use user_uuid instead of mut twofactor	5 years ago
vpl	18bc8331f9	Send email when preparing 2FA JsonError	5 years ago
BlackDex	603a964579	Fixed issue #663. During the 2fa activation there is no twofactor record yet. Changed the layout a bit so that it will generate a new twofactor record when it does not exists yet. Else it will just update the already existing record.	5 years ago
BlackDex	9466f02696	Recoded TOTP time drift validation	5 years ago
BlackDex	ebf40099f2	Updated authenticator TOTP - Added security check for previouse used codes - Allow TOTP codes with 1 step back and forward when there is a time drift. This means in total 3 codes could be valid. But only newer codes then the previouse used codes are excepted after that.	5 years ago
BlackDex	edc482c8ea	Changed HIBP Error message. - Moved the manual link to the check to the top. - Clearified that hibp is a payed service. - Changed error logo to hibp logo.	5 years ago
BlackDex	6e5c03cc78	Some modification when no HIBP API Key is set - Added an URL with the useraccount for manual check. - Added support for HTTP(S)_PROXY for hibp.	5 years ago