
Fix Login With Device without MasterPassword

It looks like either something changed in the latest v2023.8.x versions,
or when using Biometrics to login, but the MasterPasswordHash is an
optional value during the Approve action.

This PR makes the MasterPasswordHash an optional value, which resolves
this issue. Bitwarden works the same way.

I also changed the EncKey to an Option in the database since empty
strings as a default value is not nice in databases, better to use
`null` in these cases.

Fixes #3819
BlackDex 2023-09-01 21:03:50 +02:00
Ursprung 5ab7010c37
Commit d6e0ace192
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 58C80A2AA6C765E1
11 geänderte Dateien mit 53 neuen und 12 gelöschten Zeilen


@ -0,0 +1,5 @@
ALTER TABLE auth_requests
MODIFY master_password_hash TEXT;
ALTER TABLE auth_requests
MODIFY enc_key TEXT;
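Review bot: Rows written before this migration keep `''` in `enc_key` and `master_password_hash`, because the two `MODIFY` statements only lift the NOT NULL constraint. After the upgrade the model reads those rows as `Some("")` rather than `None`, so any later check that treats `None` as "not answered yet" would presumably misjudge them. If `NULL` is meant to be the only empty state, add `UPDATE auth_requests SET enc_key = NULL WHERE enc_key = '';` and the same statement for `master_password_hash`. The PostgreSQL and SQLite migrations in this commit have the same gap.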


@ -0,0 +1,5 @@
ALTER TABLE auth_requests
ALTER COLUMN master_password_hash DROP NOT NULL;
ALTER TABLE auth_requests
ALTER COLUMN enc_key DROP NOT NULL;


@ -0,0 +1,29 @@
-- Create new auth_requests table with master_password_hash as nullable column
CREATE TABLE auth_requests_new (
uuid TEXT NOT NULL PRIMARY KEY,
user_uuid TEXT NOT NULL,
organization_uuid TEXT,
request_device_identifier TEXT NOT NULL,
device_type INTEGER NOT NULL,
request_ip TEXT NOT NULL,
response_device_id TEXT,
access_code TEXT NOT NULL,
public_key TEXT NOT NULL,
enc_key TEXT,
master_password_hash TEXT,
approved BOOLEAN,
creation_date DATETIME NOT NULL,
response_date DATETIME,
authentication_date DATETIME,
FOREIGN KEY (user_uuid) REFERENCES users (uuid),
FOREIGN KEY (organization_uuid) REFERENCES organizations (uuid)
);
-- Transfer current data to new table
INSERT INTO auth_requests_new SELECT * FROM auth_requests;
-- Drop the old table
DROP TABLE auth_requests;
-- Rename the new table to the original name
ALTER TABLE auth_requests_new RENAME TO auth_requests;
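Review bot: `INSERT INTO auth_requests_new SELECT * FROM auth_requests;` copies by column position, so it is only correct while the old table's column order matches the new definition exactly. A mismatch would not fail loudly here, because `access_code`, `public_key`, `enc_key` and `master_password_hash` are adjacent TEXT columns and values would simply land in the wrong one. Naming the columns on both sides, `INSERT INTO auth_requests_new (uuid, user_uuid, …) SELECT uuid, user_uuid, … FROM auth_requests;`, removes that dependency.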


@ -1090,7 +1090,7 @@ async fn get_auth_request(uuid: &str, mut conn: DbConn) -> JsonResult {
struct AuthResponseRequest { struct AuthResponseRequest {
deviceIdentifier: String, deviceIdentifier: String,
key: String, key: String,
masterPasswordHash: String, masterPasswordHash: Option<String>,
requestApproved: bool, requestApproved: bool,
} }
@ -1111,7 +1111,7 @@ async fn put_auth_request(
}; };
auth_request.approved = Some(data.requestApproved); auth_request.approved = Some(data.requestApproved);
auth_request.enc_key = data.key; auth_request.enc_key = Some(data.key);
auth_request.master_password_hash = data.masterPasswordHash; auth_request.master_password_hash = data.masterPasswordHash;
auth_request.response_device_id = Some(data.deviceIdentifier.clone()); auth_request.response_device_id = Some(data.deviceIdentifier.clone());
auth_request.save(&mut conn).await?; auth_request.save(&mut conn).await?;
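Review bot: In `put_auth_request` the encrypted key and the master password hash are stored whatever the answer was. `auth_request.enc_key = Some(data.key);` and `auth_request.master_password_hash = data.masterPasswordHash;` run even when `data.requestApproved` is false, so a denied request still ends up holding both values in the database. Wrapping the two assignments in `if data.requestApproved { … }` would keep both columns `None` on denial. The body of `put_auth_request` starts and ends outside the hunk, so a check that is not visible here may already cover this.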


@ -20,9 +20,9 @@ db_object! {
pub access_code: String, pub access_code: String,
pub public_key: String, pub public_key: String,
pub enc_key: String, pub enc_key: Option<String>,
pub master_password_hash: String, pub master_password_hash: Option<String>,
pub approved: Option<bool>, pub approved: Option<bool>,
pub creation_date: NaiveDateTime, pub creation_date: NaiveDateTime,
pub response_date: Option<NaiveDateTime>, pub response_date: Option<NaiveDateTime>,
@ -53,8 +53,8 @@ impl AuthRequest {
response_device_id: None, response_device_id: None,
access_code, access_code,
public_key, public_key,
enc_key: String::new(), enc_key: None,
master_password_hash: String::new(), master_password_hash: None,
approved: None, approved: None,
creation_date: now, creation_date: now,
response_date: None, response_date: None,
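Review bot: The two fields that became `Option<String>` carry no comment saying what `None` means. In this commit `AuthRequest::new` leaves both `None`, and `put_auth_request` sets `enc_key` to `Some(..)` while `master_password_hash` may stay `None` even after the request is answered. A line above the fields such as `// None until the request is answered; master_password_hash may remain None afterwards` would tell readers which states to handle. Both the `db_object!` struct and `new` extend outside the hunks.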


@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>, response_device_id -> Nullable<Text>,
access_code -> Text, access_code -> Text,
public_key -> Text, public_key -> Text,
enc_key -> Text, enc_key -> Nullable<Text>,
master_password_hash -> Text, master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>, approved -> Nullable<Bool>,
creation_date -> Timestamp, creation_date -> Timestamp,
response_date -> Nullable<Timestamp>, response_date -> Nullable<Timestamp>,
@ -324,6 +324,7 @@ joinable!(users_collections -> collections (collection_uuid));
joinable!(users_collections -> users (user_uuid)); joinable!(users_collections -> users (user_uuid));
joinable!(users_organizations -> organizations (org_uuid)); joinable!(users_organizations -> organizations (org_uuid));
joinable!(users_organizations -> users (user_uuid)); joinable!(users_organizations -> users (user_uuid));
joinable!(users_organizations -> ciphers (org_uuid));
joinable!(organization_api_key -> organizations (org_uuid)); joinable!(organization_api_key -> organizations (org_uuid));
joinable!(emergency_access -> users (grantor_uuid)); joinable!(emergency_access -> users (grantor_uuid));
joinable!(groups -> organizations (organizations_uuid)); joinable!(groups -> organizations (organizations_uuid));
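Review bot: The added `joinable!(users_organizations -> ciphers (org_uuid));` is not mentioned in the commit description and does not look like a real foreign key. `joinable!` declares that `users_organizations.org_uuid` references the primary key of `ciphers`, while two lines above it the same column is tied to `organizations`; the `ciphers` table definition is not visible here, so this is inferred. If the line exists only so both tables can appear in one query with an explicit `.on(...)`, a comment such as `// not a real FK; joins between these tables use an explicit ON clause` would say so, because a bare `inner_join` would compare an organization id with a cipher id. The same line is added in the next schema section on this page.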


@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>, response_device_id -> Nullable<Text>,
access_code -> Text, access_code -> Text,
public_key -> Text, public_key -> Text,
enc_key -> Text, enc_key -> Nullable<Text>,
master_password_hash -> Text, master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>, approved -> Nullable<Bool>,
creation_date -> Timestamp, creation_date -> Timestamp,
response_date -> Nullable<Timestamp>, response_date -> Nullable<Timestamp>,
@ -324,6 +324,7 @@ joinable!(users_collections -> collections (collection_uuid));
joinable!(users_collections -> users (user_uuid)); joinable!(users_collections -> users (user_uuid));
joinable!(users_organizations -> organizations (org_uuid)); joinable!(users_organizations -> organizations (org_uuid));
joinable!(users_organizations -> users (user_uuid)); joinable!(users_organizations -> users (user_uuid));
joinable!(users_organizations -> ciphers (org_uuid));
joinable!(organization_api_key -> organizations (org_uuid)); joinable!(organization_api_key -> organizations (org_uuid));
joinable!(emergency_access -> users (grantor_uuid)); joinable!(emergency_access -> users (grantor_uuid));
joinable!(groups -> organizations (organizations_uuid)); joinable!(groups -> organizations (organizations_uuid));


@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>, response_device_id -> Nullable<Text>,
access_code -> Text, access_code -> Text,
public_key -> Text, public_key -> Text,
enc_key -> Text, enc_key -> Nullable<Text>,
master_password_hash -> Text, master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>, approved -> Nullable<Bool>,
creation_date -> Timestamp, creation_date -> Timestamp,
response_date -> Nullable<Timestamp>, response_date -> Nullable<Timestamp>,