lasers
/
bitwarden_rs
mirror of https://github.com/dani-garcia/bitwarden_rs
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,770 Commits 2 Branches 58 Tags 11 MiB
Commit Graph

75 Commits

Author SHA1 Message Date
Daniel García 2d5f172e77
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking 2022-01-30 22:25:54 +01:00
Jeremy Lin 8f7900759f Fix `scope` and `refresh_token` for API key logins 
API key logins use a scope of `api`, not `api offline_access`. Since
`offline_access` is not requested, no `refresh_token` is returned either.
 2022-01-21 23:10:15 -08:00
Jeremy Lin 69ee4a70b4 Add support for API keys 
This is mainly useful for CLI-based login automation.
 2022-01-21 23:10:11 -08:00
Daniel García 5529264c3f
Basic ratelimit for user login (including 2FA) and admin login 2021-12-22 21:48:49 +01:00
Jeremy Lin c476e19796 Add email notifications for incomplete 2FA logins 
An incomplete 2FA login is one where the correct master password was provided,
but the 2FA token or action required to complete the login was not provided
within the configured time limit. This potentially indicates that the user's
master password has been compromised, but the login was blocked by 2FA.

Be aware that the 2FA step can usually still be completed after the email
notification has already been sent out, which could be confusing. Therefore,
the incomplete 2FA time limit should be long enough that this situation would
be unlikely. This feature can also be disabled entirely if desired.
 2021-10-28 00:19:43 -07:00
Adam Jones d014eede9a
feature: Support single organization policy 
This adds back-end support for the [single organization policy](https://bitwarden.com/help/article/policies/#single-organization).
 2021-10-02 19:30:19 +02:00
Daniel García 9254cf9d9c
Fix clippy lints 2021-06-19 22:02:03 +02:00
Daniel García c380d9c379
Support for webauthn and u2f->webauthn migrations 2021-06-16 19:06:40 +02:00
Jake Howard 994669fb69
Merge remote-tracking branch 'origin/master' into fmt 2021-04-06 21:55:28 +01:00
Jake Howard 3ab90259f2
Modify rustfmt file 2021-04-06 21:54:42 +01:00
Daniel García b268c3dd1c
Update web vault and add unnoficialserver response 2021-04-06 20:38:22 +02:00
Jake Howard 0af3956abd
Run `cargo fmt` on codebase 2021-03-31 21:18:35 +01:00
janost 043aa27aa3 Implement admin ability to enable/disable users 2020-11-30 23:12:56 +01:00
Daniel García 29c6b145ca
Remove redundant user fetching from login 2020-08-11 16:48:15 +02:00
Daniel García ad48e9ed0f
Fix unlock on desktop clients 2020-08-04 15:12:04 +02:00
Daniel García 668d5c23dc
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:34:22 +02:00
Jeremy Lin a28ebcb401 Use local time in email notifications for new device logins 
In this implementation, the `TZ` environment variable must be set
in order for the formatted output to use a more user-friendly
time zone abbreviation (e.g., `UTC`). Otherwise, the output uses
the time zone's UTC offset (e.g., `+00:00`).
 2020-07-07 21:30:18 -07:00
Daniel García 0807783388
Add ip on totp miss 2020-05-14 00:19:50 +02:00
Daniel García 9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints 2020-05-03 17:24:51 +02:00
Jeremy Lin c06162b22f Handle `devicePushToken` 
Mobile push isn't currently supported, but this should get rid of spurious
`Detected unexpected parameter during login: devicepushtoken` warnings.
 2020-03-22 15:04:25 -07:00
Daniel García 5cabf4d040
Fix IP not shown when failed login (Fixes #761) 2019-12-07 14:38:32 +01:00
Daniel García 912e1f93b7
Fix some lints 2019-12-06 22:12:41 +01:00
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
vpl 2edecf34ff Use user_uuid instead of mut twofactor 2019-10-15 21:20:19 +02:00
vpl 18bc8331f9 Send email when preparing 2FA JsonError 2019-10-15 21:19:49 +02:00
BlackDex ebf40099f2 Updated authenticator TOTP 
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
 2019-10-10 17:32:20 +02:00
vpl 5d50b1ee3c Merge remote-tracking branch 'upstream/master' into email-codes 2019-08-26 21:38:45 +02:00
vpl ee7837d022 Add option to require new device emails 2019-08-19 22:14:00 +02:00
Daniel García 07743e490b
Ignore error sending device email 2019-08-18 19:32:26 +02:00
vpl 6d460b44b0 Use saved token for email 2fa codes 2019-08-04 17:21:57 +02:00
vpl efd8d9f528 Remove some unused imports, unneeded mut variables 2019-08-04 16:56:41 +02:00
vpl 29aedd388e Add email code logic and move two_factor into separate modules 2019-08-04 16:56:41 +02:00
vpl 27e0e41835 Add email authenticator logic 2019-08-04 16:56:39 +02:00
vpl df71f57d86 Move send device email to end of password login 
Send new device email after two factor authentication.
 2019-07-25 21:10:27 +02:00
vpl 60e39a9dd1 Move retrieve/new device from connData to separate function 2019-07-22 12:30:26 +02:00
vpl bc6a53b847 Add new device email when user logs in 2019-07-22 08:26:24 +02:00
Emil Madsen e22e290f67 Fix key and type variable names for mysql 2019-05-20 21:24:29 +02:00
Daniel García 253faaf023
Use users duo host when required, instead of always using the global one 2019-04-15 13:07:23 +02:00
Daniel García 8d9827c55f
Implement selection between global config and user settings for duo keys. 2019-04-11 18:40:03 +02:00
Daniel García 754087b990
Add global duo config and document options in .env template 2019-04-07 18:58:15 +02:00
Daniel García cfbeb56371
Implement user duo, initial version 
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
 2019-04-05 22:09:53 +02:00
Daniel García 7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code. 
Added newlines to config options to keep them a reasonable length.
 2019-03-03 16:09:15 +01:00
Daniel García 5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints 2019-02-20 17:54:18 +01:00
Daniel García 9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens 2019-02-11 23:45:55 +01:00
Daniel García 700e084101
Add 2FA icon to admin panel 2019-01-25 18:50:57 +01:00
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel. 
Improved some two factor methods.
 2019-01-25 18:24:57 +01:00
Daniel García 30e768613b
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Daniel García 6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. 
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
 2018-12-30 21:31:12 +01:00
Daniel García 5a9aab1a32
Implement fromform, and ignore case and underscores, fixes #298 2018-12-16 20:00:16 +01:00
algebro e26e2319da Close #264. Usernames and IP addresses are logged on successful authentication 2018-12-11 15:20:06 -05:00