MariaDB/MySQL doesn't like the normal `"` quotes around the column name.
This needs to be a backtick **`**.
This PR changes the migration script to fix this issue.
Fixes #3993
* WIP: Container building changes
* Small updates
- Updated to rust 1.73.0
- Updated crates
- Updated documentation
- Added a bake.sh script to make baking easier
* Update GitHub Actions Workflow
- Updated workflow to use qemu and buildx bake
In the future i would like to extract the alpine based binaries and add
them as artifacts to the release.
* Address review remarks and small updates
- Addressed review remarks
- Added `podman-bake.sh` script to build Vaultwarden with podman
- Updated README
- Updated crates
- Added `VW_VERSION` support
- Added annotations
- Updated web-vault to v2023.9.1
* Update twofactor_email.hbs subject line to avoid triggering gmail content filter
Previous subject line was triggering Google's spam blocker, breaking the 2FA setup process if a gmail SMTP server is configured. The new subject line does not (currently) run afoul of Google's filter.
* Update twofactor_email.html.hbs subject line to avoid triggering gmail content filter
Previous subject line was triggering Google's spam blocker, breaking the 2FA setup process if a gmail SMTP server is configured. The new subject line does not (currently) run afoul of Google's filter.
* Update twofactor_email.hbs
Changed "Confirmation" to "Verification" for the sake of internal consistency
* Update twofactor_email.hbs
* Update twofactor_email.html.hbs
While working on the fix I realised the location where the `external_id`
is stored was wrong. It was stored in the `users` table, but it actually
should have been stored in the `users_organizations` table.
This will move the column to the right table. It will not move the
values of the `external_id` column, because if there are more
organizations, there is no way to really know which organization it is
linked to. Setups using the Directory Connector can clear the sync
cache, and sync again, that will store all the `external_id` values at
the right location.
Also changed the function to revoke,restore an org-user and set_external_id to return a boolean.
It will state if the value has been changed or not, and if not, we can
prevent a `save` call to the database.
The `users` table is not changed to remove the `external_id` column, thi
to prevent issue when users want to revert back to an earlier version
for some reason. We can do this after a few minor release i think.
Fixes #3777
The PostgreSQL migrations do not need this setting.
I tested this by running an old Vaultwarden instance (v1.18.0) on a new
PostrgreSQL database, created a few users and some vault items, after
that run the new code and it doesn't break.
Fixes #3930
During a WebSocket connection we currently also send several headers
which could cause issues with some reverse proxy, or with the CloudFlare
tunnel for example. This PR resolves these issues.
Fixes #3881
It looks like either something changed in the latest v2023.8.x versions,
or when using Biometrics to login, but the MasterPasswordHash is an
optional value during the Approve action.
This PR makes the MasterPasswordHash an optional value which resolves
this issues. Bitwarden works the same way.
I also changed the EncKey to an Option in the database since empty
strings as a default value is not nice in databases, better to use
`null` in these cases.
Fixes #3819
- Updated the admin interface dependencies.
- Replace bootstrap-native with bootstrap
- Added auto theme with an option to switch to dark/light
- Some small color changes
- Added an dev only function to always load static files from disk
Some clients (Thirdparty) might use the `Authorization` header instead
of a query param. We didn't supported this since all the official
clients do not seem to use this way of working. But Bitwarden does check
both ways.
This PR adds an extra check for this header which can be optional.
Fixes #3776
needed for web-v2023.8.2+ compatibility due to the inclusion of the new
trusted device encryption feature. without this change, the web vault
will assume that you don't have a master password set and force you to
set one.