mirrored/vaultwarden
1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-05 02:28:00 +01:00
Code Issues Releases Aktivität
vaultwarden/src/api/admin.rs

95 Zeilen
2,6 KiB
Rust
Originalformat Normale Ansicht Verlauf

Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
use rocket_contrib::json::Json;
use serde_json::Value;
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
use crate::api::{JsonResult, JsonUpcase};
use crate::CONFIG;
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
use crate::db::models::*;
use crate::db::DbConn;
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
use rocket::request::{self, FromRequest, Request};
use rocket::{Outcome, Route};
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
pub fn routes() -> Vec<Route> {
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
routes![get_users, invite_user, delete_user]
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
}
#[derive(Deserialize, Debug)]
#[allow(non_snake_case)]
struct InviteData {
Email: String,
}
#[get("/users")]
fn get_users(_token: AdminToken, conn: DbConn) -> JsonResult {
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
let users = User::get_all(&conn);
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
let users_json: Vec<Value> = users.iter().map(|u| u.to_json(&conn)).collect();
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
Ok(Json(Value::Array(users_json)))
}
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
#[post("/invite", data = "<data>")]
fn invite_user(data: JsonUpcase<InviteData>, _token: AdminToken, conn: DbConn) -> JsonResult {
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
let data: InviteData = data.into_inner().data;
if User::find_by_mail(&data.Email, &conn).is_some() {
err!("User already exists")
}
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-19 21:52:53 +01:00
if !CONFIG.invitations_allowed {
err!("Invitations are not allowed")
}
Finish invite functionality, and remove virtual organization
2018-12-19 22:51:08 +01:00
let mut invitation = Invitation::new(data.Email);
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-19 21:52:53 +01:00
invitation.save(&conn)?;
Finish invite functionality, and remove virtual organization
2018-12-19 22:51:08 +01:00
// TODO: Might want to send an email?
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-19 21:52:53 +01:00
Ok(Json(json!({})))
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
}
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
#[post("/users/<uuid>/delete")]
fn delete_user(uuid: String, _token: AdminToken, conn: DbConn) -> JsonResult {
let user = match User::find_by_uuid(&uuid, &conn) {
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
Some(user) => user,
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
None => err!("User doesn't exist"),
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
};
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-19 21:52:53 +01:00
user.delete(&conn)?;
Ok(Json(json!({})))
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
}
pub struct AdminToken {}
impl<'a, 'r> FromRequest<'a, 'r> for AdminToken {
type Error = &'static str;
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
let config_token = match CONFIG.admin_token.as_ref() {
Some(token) => token,
None => err_handler!("Admin panel is disabled"),
};
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
// Get access_token
let access_token: &str = match request.headers().get_one("Authorization") {
Some(a) => match a.rsplit("Bearer ").next() {
Some(split) => split,
None => err_handler!("No access token provided"),
},
None => err_handler!("No access token provided"),
};
// TODO: What authentication to use?
// Option 1: Make it a config option
// Option 2: Generate random token, and
// Option 2a: Send it to admin email, like upstream
// Option 2b: Print in console or save to data dir, so admin can check
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
if access_token != config_token {
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123'
2018-12-18 01:53:21 +01:00
err_handler!("Invalid admin token")
}
Outcome::Success(AdminToken {})
}
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token.
2018-12-18 18:52:58 +01:00
}
Permalink kopieren