Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-29 06:20:29 +01:00
Merge pull request #137 from stammw/master
SMTP implementation, along with password HINT email
Dieser Commit ist enthalten in:
Commit
b63693aefb
5 geänderte Dateien mit 162 neuen und 9 gelöschten Zeilen
7
.env
7
.env
|
@ -41,3 +41,10 @@
|
||||||
# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
|
# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
|
||||||
# ROCKET_PORT=8000
|
# ROCKET_PORT=8000
|
||||||
# ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"}
|
# ROCKET_TLS={certs="/path/to/certs.pem",key="/path/to/key.pem"}
|
||||||
|
|
||||||
|
## Mail specific settings, if SMTP_HOST is specified, SMTP_USERNAME and SMTP_PASSWORD are mandatory
|
||||||
|
# SMTP_HOST=smtp.domain.tld
|
||||||
|
# SMTP_PORT=587
|
||||||
|
# SMTP_SSL=true
|
||||||
|
# SMTP_USERNAME=username
|
||||||
|
# SMTP_PASSWORD=password
|
|
@ -58,6 +58,11 @@ lazy_static = "1.1.0"
|
||||||
num-traits = "0.2.5"
|
num-traits = "0.2.5"
|
||||||
num-derive = "0.2.2"
|
num-derive = "0.2.2"
|
||||||
|
|
||||||
|
lettre = "0.8.2"
|
||||||
|
lettre_email = "0.8.2"
|
||||||
|
native-tls = "0.1.5"
|
||||||
|
fast_chemail = "0.9.5"
|
||||||
|
|
||||||
[patch.crates-io]
|
[patch.crates-io]
|
||||||
# Make jwt use ring 0.11, to match rocket
|
# Make jwt use ring 0.11, to match rocket
|
||||||
jsonwebtoken = { path = "libs/jsonwebtoken" }
|
jsonwebtoken = { path = "libs/jsonwebtoken" }
|
||||||
|
|
|
@ -5,6 +5,8 @@ use db::models::*;
|
||||||
|
|
||||||
use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
|
use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
|
||||||
use auth::Headers;
|
use auth::Headers;
|
||||||
|
use fast_chemail::is_valid_email;
|
||||||
|
use mail;
|
||||||
|
|
||||||
use CONFIG;
|
use CONFIG;
|
||||||
|
|
||||||
|
@ -85,7 +87,10 @@ fn post_profile(data: JsonUpcase<ProfileData>, headers: Headers, conn: DbConn) -
|
||||||
let mut user = headers.user;
|
let mut user = headers.user;
|
||||||
|
|
||||||
user.name = data.Name;
|
user.name = data.Name;
|
||||||
user.password_hint = data.MasterPasswordHint;
|
user.password_hint = match data.MasterPasswordHint {
|
||||||
|
Some(ref h) if h.is_empty() => None,
|
||||||
|
_ => data.MasterPasswordHint,
|
||||||
|
};
|
||||||
user.save(&conn);
|
user.save(&conn);
|
||||||
|
|
||||||
Ok(Json(user.to_json(&conn)))
|
Ok(Json(user.to_json(&conn)))
|
||||||
|
@ -263,17 +268,29 @@ struct PasswordHintData {
|
||||||
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
|
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
|
||||||
let data: PasswordHintData = data.into_inner().data;
|
let data: PasswordHintData = data.into_inner().data;
|
||||||
|
|
||||||
if !CONFIG.show_password_hint {
|
if !is_valid_email(&data.Email) {
|
||||||
return Ok(())
|
return err!("This email address is not valid...");
|
||||||
}
|
}
|
||||||
|
|
||||||
match User::find_by_mail(&data.Email, &conn) {
|
let user = User::find_by_mail(&data.Email, &conn);
|
||||||
Some(user) => {
|
if user.is_none() {
|
||||||
let hint = user.password_hint.to_owned().unwrap_or_default();
|
return Ok(());
|
||||||
err!(format!("Your password hint is: {}", hint))
|
|
||||||
},
|
|
||||||
None => Ok(()),
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let user = user.unwrap();
|
||||||
|
if let Some(ref mail_config) = CONFIG.mail {
|
||||||
|
if let Err(e) = mail::send_password_hint(&user.email, user.password_hint, mail_config) {
|
||||||
|
err!(format!("There have been a problem sending the email: {}", e));
|
||||||
|
}
|
||||||
|
} else if CONFIG.show_password_hint {
|
||||||
|
if let Some(hint) = user.password_hint {
|
||||||
|
err!(format!("Your password hint is: {}", &hint));
|
||||||
|
} else {
|
||||||
|
err!(format!("Sorry, you have no password hint..."));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize)]
|
||||||
|
|
63
src/mail.rs
Normale Datei
63
src/mail.rs
Normale Datei
|
@ -0,0 +1,63 @@
|
||||||
|
use std::error::Error;
|
||||||
|
use native_tls::{Protocol, TlsConnector};
|
||||||
|
use lettre::{EmailTransport, SmtpTransport, ClientTlsParameters, ClientSecurity};
|
||||||
|
use lettre::smtp::{ConnectionReuseParameters, SmtpTransportBuilder};
|
||||||
|
use lettre::smtp::authentication::Credentials;
|
||||||
|
use lettre_email::EmailBuilder;
|
||||||
|
|
||||||
|
use MailConfig;
|
||||||
|
|
||||||
|
fn mailer(config: &MailConfig) -> SmtpTransport {
|
||||||
|
let client_security = if config.smtp_ssl {
|
||||||
|
let mut tls_builder = TlsConnector::builder().unwrap();
|
||||||
|
tls_builder.supported_protocols(&[Protocol::Tlsv11, Protocol::Tlsv12]).unwrap();
|
||||||
|
ClientSecurity::Required(
|
||||||
|
ClientTlsParameters::new(config.smtp_host.to_owned(), tls_builder.build().unwrap())
|
||||||
|
)
|
||||||
|
} else {
|
||||||
|
ClientSecurity::None
|
||||||
|
};
|
||||||
|
|
||||||
|
let smtp_transport = SmtpTransportBuilder::new(
|
||||||
|
(config.smtp_host.to_owned().as_str(), config.smtp_port),
|
||||||
|
client_security
|
||||||
|
).unwrap();
|
||||||
|
|
||||||
|
let smtp_transport = match (&config.smtp_username, &config.smtp_password) {
|
||||||
|
(Some(username), Some(password)) => {
|
||||||
|
smtp_transport.credentials(Credentials::new(username.to_owned(), password.to_owned()))
|
||||||
|
},
|
||||||
|
(_, _) => smtp_transport,
|
||||||
|
};
|
||||||
|
|
||||||
|
smtp_transport
|
||||||
|
.smtp_utf8(true)
|
||||||
|
.connection_reuse(ConnectionReuseParameters::NoReuse)
|
||||||
|
.build()
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn send_password_hint(address: &str, hint: Option<String>, config: &MailConfig) -> Result<(), String> {
|
||||||
|
let (subject, body) = if let Some(hint) = hint {
|
||||||
|
("Your master password hint",
|
||||||
|
format!(
|
||||||
|
"You (or someone) recently requested your master password hint.\n\n\
|
||||||
|
Your hint is: \"{}\"\n\n\
|
||||||
|
If you did not request your master password hint you can safely ignore this email.\n",
|
||||||
|
hint))
|
||||||
|
} else {
|
||||||
|
("Sorry, you have no password hint...",
|
||||||
|
"Sorry, you have not specified any password hint...\n".to_string())
|
||||||
|
};
|
||||||
|
|
||||||
|
let email = EmailBuilder::new()
|
||||||
|
.to(address)
|
||||||
|
.from((config.smtp_from.to_owned(), "Bitwarden-rs"))
|
||||||
|
.subject(subject)
|
||||||
|
.body(body)
|
||||||
|
.build().unwrap();
|
||||||
|
|
||||||
|
match mailer(config).send(&email) {
|
||||||
|
Ok(_) => Ok(()),
|
||||||
|
Err(e) => Err(e.description().to_string()),
|
||||||
|
}
|
||||||
|
}
|
61
src/main.rs
61
src/main.rs
|
@ -27,6 +27,10 @@ extern crate lazy_static;
|
||||||
#[macro_use]
|
#[macro_use]
|
||||||
extern crate num_derive;
|
extern crate num_derive;
|
||||||
extern crate num_traits;
|
extern crate num_traits;
|
||||||
|
extern crate lettre;
|
||||||
|
extern crate lettre_email;
|
||||||
|
extern crate native_tls;
|
||||||
|
extern crate fast_chemail;
|
||||||
|
|
||||||
use std::{env, path::Path, process::{exit, Command}};
|
use std::{env, path::Path, process::{exit, Command}};
|
||||||
use rocket::Rocket;
|
use rocket::Rocket;
|
||||||
|
@ -38,6 +42,7 @@ mod api;
|
||||||
mod db;
|
mod db;
|
||||||
mod crypto;
|
mod crypto;
|
||||||
mod auth;
|
mod auth;
|
||||||
|
mod mail;
|
||||||
|
|
||||||
fn init_rocket() -> Rocket {
|
fn init_rocket() -> Rocket {
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
|
@ -155,6 +160,57 @@ lazy_static! {
|
||||||
static ref CONFIG: Config = Config::load();
|
static ref CONFIG: Config = Config::load();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
pub struct MailConfig {
|
||||||
|
smtp_host: String,
|
||||||
|
smtp_port: u16,
|
||||||
|
smtp_ssl: bool,
|
||||||
|
smtp_from: String,
|
||||||
|
smtp_username: Option<String>,
|
||||||
|
smtp_password: Option<String>,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl MailConfig {
|
||||||
|
fn load() -> Option<Self> {
|
||||||
|
let smtp_host = env::var("SMTP_HOST").ok();
|
||||||
|
|
||||||
|
// When SMTP_HOST is absent, we assume the user does not want to enable it.
|
||||||
|
if smtp_host.is_none() {
|
||||||
|
return None
|
||||||
|
}
|
||||||
|
|
||||||
|
let smtp_ssl = util::parse_option_string(env::var("SMTP_SSL").ok()).unwrap_or(true);
|
||||||
|
let smtp_port = util::parse_option_string(env::var("SMTP_PORT").ok())
|
||||||
|
.unwrap_or_else(|| {
|
||||||
|
if smtp_ssl {
|
||||||
|
587u16
|
||||||
|
} else {
|
||||||
|
25u16
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
let smtp_username = env::var("SMTP_USERNAME").ok();
|
||||||
|
let smtp_password = env::var("SMTP_PASSWORD").ok().or_else(|| {
|
||||||
|
if smtp_username.as_ref().is_some() {
|
||||||
|
println!("Please specify SMTP_PASSWORD to enable SMTP support.");
|
||||||
|
exit(1);
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
Some(MailConfig {
|
||||||
|
smtp_host: smtp_host.unwrap(),
|
||||||
|
smtp_port: smtp_port,
|
||||||
|
smtp_ssl: smtp_ssl,
|
||||||
|
smtp_from: util::parse_option_string(env::var("SMTP_FROM").ok())
|
||||||
|
.unwrap_or("bitwarden-rs@localhost".to_string()),
|
||||||
|
smtp_username: smtp_username,
|
||||||
|
smtp_password: smtp_password,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct Config {
|
pub struct Config {
|
||||||
database_url: String,
|
database_url: String,
|
||||||
|
@ -172,8 +228,11 @@ pub struct Config {
|
||||||
signups_allowed: bool,
|
signups_allowed: bool,
|
||||||
password_iterations: i32,
|
password_iterations: i32,
|
||||||
show_password_hint: bool,
|
show_password_hint: bool,
|
||||||
|
|
||||||
domain: String,
|
domain: String,
|
||||||
domain_set: bool,
|
domain_set: bool,
|
||||||
|
|
||||||
|
mail: Option<MailConfig>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Config {
|
impl Config {
|
||||||
|
@ -204,6 +263,8 @@ impl Config {
|
||||||
|
|
||||||
domain_set: domain.is_ok(),
|
domain_set: domain.is_ok(),
|
||||||
domain: domain.unwrap_or("http://localhost".into()),
|
domain: domain.unwrap_or("http://localhost".into()),
|
||||||
|
|
||||||
|
mail: MailConfig::load(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Laden …
In neuem Issue referenzieren