1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-26 05:50:29 +01:00
vaultwarden/src/api
BlackDex 636f16dc66
Prevent 401 on main admin page
When you are not loggedin, and have no cookie etc.. we always returned a 401.
This was mainly to allow the login page on all the sub pages, and after
login being redirected to the requested page, for these pages a 401 is a
valid response, since, you do not have access.

But for the main `/admin` page, it should just respond with a `200` and
show the login page.

This PR fixes this flow and response. It should prevent people using
Fail2ban, or other tools being triggered by only accessing the login page.

Resolves #3540
2023-05-25 23:40:36 +02:00
..
core policy data should be null not an empty object 2023-05-09 11:14:46 +02:00
admin.rs Prevent 401 on main admin page 2023-05-25 23:40:36 +02:00
icons.rs Change String to &str for all Rocket functions 2023-04-30 17:18:12 +02:00
identity.rs always return KdfMemory and KdfParallelism 2023-03-31 01:10:28 +02:00
mod.rs Add Organizational event logging feature 2022-12-01 22:38:59 +01:00
notifications.rs Small update to Rocket WebSockets 2023-04-12 15:59:05 +02:00
web.rs Change String to &str for all Rocket functions 2023-04-30 17:18:12 +02:00