vaultwarden/src/api/mod.rs

mod admin;
pub mod core;
mod icons;
mod identity;
mod notifications;
mod push;
mod web;

use rocket::serde::json::Json;
use serde_json::Value;

pub use crate::api::{
    admin::catchers as admin_catchers,
    admin::routes as admin_routes,
    core::catchers as core_catchers,
    core::purge_auth_requests,
    core::purge_sends,
    core::purge_trashed_ciphers,
    core::routes as core_routes,
    core::two_factor::send_incomplete_2fa_notifications,
    core::{emergency_notification_reminder_job, emergency_request_timeout_job},
    core::{event_cleanup_job, events_routes as core_events_routes},
    icons::routes as icons_routes,
    identity::routes as identity_routes,
    notifications::routes as notifications_routes,
    notifications::{start_notification_server, AnonymousNotify, Notify, UpdateType, WS_ANONYMOUS_SUBSCRIPTIONS},
    push::{
        push_cipher_update, push_folder_update, push_logout, push_send_update, push_user_update, register_push_device,
        unregister_push_device,
    },
    web::catchers as web_catchers,
    web::routes as web_routes,
    web::static_files,
};
use crate::db::{models::User, DbConn};
use crate::util;

// Type aliases for API methods results
type ApiResult<T> = Result<T, crate::error::Error>;
pub type JsonResult = ApiResult<Json<Value>>;
pub type EmptyResult = ApiResult<()>;

type JsonUpcase<T> = Json<util::UpCase<T>>;
type JsonUpcaseVec<T> = Json<Vec<util::UpCase<T>>>;
type JsonVec<T> = Json<Vec<T>>;

// Common structs representing JSON data received
#[derive(Deserialize)]
#[allow(non_snake_case)]
struct PasswordOrOtpData {
    MasterPasswordHash: Option<String>,
    Otp: Option<String>,
}

impl PasswordOrOtpData {
    /// Tokens used via this struct can be used multiple times during the process
    /// First for the validation to continue, after that to enable or validate the following actions
    /// This is different per caller, so it can be adjusted to delete the token or not
    pub async fn validate(&self, user: &User, delete_if_valid: bool, conn: &mut DbConn) -> EmptyResult {
        use crate::api::core::two_factor::protected_actions::validate_protected_action_otp;

        match (self.MasterPasswordHash.as_deref(), self.Otp.as_deref()) {
            (Some(pw_hash), None) => {
                if !user.check_valid_password(pw_hash) {
                    err!("Invalid password");
                }
            }
            (None, Some(otp)) => {
                validate_protected_action_otp(otp, &user.uuid, delete_if_valid, conn).await?;
            }
            _ => err!("No validation provided"),
        }
        Ok(())
    }
}
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123' 2018-12-18 01:53:21 +01:00			`mod admin;`
Remove unused dependency and simple feature, update dependencies and fix some clippy lints 2020-05-03 17:24:51 +02:00			`pub mod core;`
First working version 2018-02-10 01:00:55 +01:00			`mod icons;`
			`mod identity;`
Implemented basic support for prelogin and notification negotiation 2018-08-24 19:02:34 +02:00			`mod notifications;`
feat: Push Notifications Co-authored-by: samb-devel <125741162+samb-devel@users.noreply.github.com> Co-authored-by: Zoruk <Zoruk@users.noreply.github.com> 2023-06-11 13:28:18 +02:00			`mod push;`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`mod web;`
First working version 2018-02-10 01:00:55 +01:00
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking 2021-11-07 18:53:39 +01:00			`use rocket::serde::json::Json;`
Updated bw_rs to Rocket version 0.4-rc1 2018-10-10 20:40:39 +02:00			`use serde_json::Value;`
Detect device type correctly and shorten return types of functions 2018-02-17 20:47:13 +01:00
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`pub use crate::api::{`
redirect to admin login page when forward fails currently, if the admin guard fails the user will get a 404 page. and when the session times out after 20 minutes post methods will give the reason "undefined" as a response while generating the support string will fail without any user feedback. this commit changes the error handling on admin pages * by removing the reliance on Rockets forwarding and making the login page an explicit route that can be redirected to from all admin pages * by removing the obsolete and mostly unused Referer struct we can redirect the user back to the requested admin page directley * by providing an error message for json requests the `get_diagnostics_config` and all post methods can return a more comprehensible message and the user can be alerted * the `admin_url()` function can be simplified because rfc2616 has been obsoleted by rfc7231 in 2014 (and also by the recently released rfc9110) which allows relative urls in the Location header. c.f. https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2 and https://www.rfc-editor.org/rfc/rfc9110#section-10.2.2 2022-11-27 00:00:01 +01:00			`admin::catchers as admin_catchers,`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`admin::routes as admin_routes,`
add api_not_found catcher for 404 errors in /api 2022-09-25 10:55:55 +02:00			`core::catchers as core_catchers,`
Implement login-with-device 2023-08-04 21:12:23 +02:00			`core::purge_auth_requests,`
Add a generic job scheduler Also rewrite deletion of old sends using the job scheduler. 2021-04-03 05:16:49 +02:00			`core::purge_sends,`
Add support for auto-deleting trashed items Upstream will soon auto-delete trashed items after 30 days, but some people use the trash as an archive folder, so to avoid unexpected data loss, this implementation requires the user to explicitly enable auto-deletion. 2021-04-03 05:52:15 +02:00			`core::purge_trashed_ciphers,`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`core::routes as core_routes,`
Add email notifications for incomplete 2FA logins An incomplete 2FA login is one where the correct master password was provided, but the 2FA token or action required to complete the login was not provided within the configured time limit. This potentially indicates that the user's master password has been compromised, but the login was blocked by 2FA. Be aware that the 2FA step can usually still be completed after the email notification has already been sent out, which could be confusing. Therefore, the incomplete 2FA time limit should be long enough that this situation would be unlikely. This feature can also be disabled entirely if desired. 2021-10-25 10:36:05 +02:00			`core::two_factor::send_incomplete_2fa_notifications,`
Add Emergency contact feature Signed-off-by: thelittlefireman <thelittlefireman@users.noreply.github.com> 2021-03-24 20:15:55 +01:00			`core::{emergency_notification_reminder_job, emergency_request_timeout_job},`
Add Organizational event logging feature This PR adds event/audit logging support for organizations. By default this feature is disabled, since it does log a lot and adds extra database transactions. All events are touched except a few, since we do not support those features (yet), like SSO for example. This feature is tested with multiple clients and all database types. Fixes #229 2022-11-20 19:15:45 +01:00			`core::{event_cleanup_job, events_routes as core_events_routes},`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`icons::routes as icons_routes,`
			`identity::routes as identity_routes,`
			`notifications::routes as notifications_routes,`
Implement login-with-device 2023-08-04 21:12:23 +02:00			`notifications::{start_notification_server, AnonymousNotify, Notify, UpdateType, WS_ANONYMOUS_SUBSCRIPTIONS},`
feat: Push Notifications Co-authored-by: samb-devel <125741162+samb-devel@users.noreply.github.com> Co-authored-by: Zoruk <Zoruk@users.noreply.github.com> 2023-06-11 13:28:18 +02:00			`push::{`
			`push_cipher_update, push_folder_update, push_logout, push_send_update, push_user_update, register_push_device,`
			`unregister_push_device,`
			`},`
add not_found catcher for 404 errors 2022-09-25 04:02:16 +02:00			`web::catchers as web_catchers,`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`web::routes as web_routes,`
use static_files() for email attachments Apply suggestions from code review Co-authored-by: Mathijs van Veluw <black.dex@gmail.com> 2022-10-06 11:59:47 +02:00			`web::static_files,`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`};`
Add Protected Actions Check (#4067) Since the feature `Login with device` some actions done via the web-vault need to be verified via an OTP instead of providing the MasterPassword. This only happens if a user used the `Login with device` on a device which uses either Biometrics login or PIN. These actions prevent the athorizing device to send the MasterPasswordHash. When this happens, the web-vault requests an OTP to be filled-in and this OTP is send to the users email address which is the same as the email address to login. The only way to bypass this is by logging in with the your password, in those cases a password is requested instead of an OTP. In case SMTP is not enabled, it will show an error message telling to user to login using there password. Fixes #4042 2023-11-12 22:15:44 +01:00			`use crate::db::{models::User, DbConn};`
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:00:09 +02:00			`use crate::util;`

Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00			`// Type aliases for API methods results`
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`type ApiResult<T> = Result<T, crate::error::Error>;`
			`pub type JsonResult = ApiResult<Json<Value>>;`
			`pub type EmptyResult = ApiResult<()>;`
Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00
Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time) 2018-06-01 00:18:50 +02:00			`type JsonUpcase<T> = Json<util::UpCase<T>>;`
Fix editing users from collections menu 2019-01-25 17:43:51 +01:00			`type JsonUpcaseVec<T> = Json<Vec<util::UpCase<T>>>;`
group support 2022-10-20 15:31:53 +02:00			`type JsonVec<T> = Json<Vec<T>>;`
Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time) 2018-06-01 00:18:50 +02:00
Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00			`// Common structs representing JSON data received`
			`#[derive(Deserialize)]`
			`#[allow(non_snake_case)]`
Add Protected Actions Check (#4067) Since the feature `Login with device` some actions done via the web-vault need to be verified via an OTP instead of providing the MasterPassword. This only happens if a user used the `Login with device` on a device which uses either Biometrics login or PIN. These actions prevent the athorizing device to send the MasterPasswordHash. When this happens, the web-vault requests an OTP to be filled-in and this OTP is send to the users email address which is the same as the email address to login. The only way to bypass this is by logging in with the your password, in those cases a password is requested instead of an OTP. In case SMTP is not enabled, it will show an error message telling to user to login using there password. Fixes #4042 2023-11-12 22:15:44 +01:00			`struct PasswordOrOtpData {`
			`MasterPasswordHash: Option<String>,`
			`Otp: Option<String>,`
			`}`

			`impl PasswordOrOtpData {`
			`/// Tokens used via this struct can be used multiple times during the process`
			`/// First for the validation to continue, after that to enable or validate the following actions`
			`/// This is different per caller, so it can be adjusted to delete the token or not`
			`pub async fn validate(&self, user: &User, delete_if_valid: bool, conn: &mut DbConn) -> EmptyResult {`
			`use crate::api::core::two_factor::protected_actions::validate_protected_action_otp;`

			`match (self.MasterPasswordHash.as_deref(), self.Otp.as_deref()) {`
			`(Some(pw_hash), None) => {`
			`if !user.check_valid_password(pw_hash) {`
			`err!("Invalid password");`
			`}`
			`}`
			`(None, Some(otp)) => {`
			`validate_protected_action_otp(otp, &user.uuid, delete_if_valid, conn).await?;`
			`}`
			`_ => err!("No validation provided"),`
			`}`
			`Ok(())`
			`}`
Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00			`}`