1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-09 03:07:59 +01:00
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
Datei suchen
0x0fbc b4b2701905
Add support for MFA with Duo's Universal Prompt (#4637)
* Add initial working Duo Universal Prompt support.

* Add db schema and models for Duo 2FA state storage

* store duo states in the database and validate during authentication

* cleanup & comments

* bump state/nonce length

* replace stray use of TimeDelta

* more cleanup

* bind Duo oauth flow to device id, drop redundant device type handling

* drop redundant alphanum string generation code

* error handling cleanup

* directly use JWT_VALIDITY_SECS constant instead of copying it to DuoClient instances

* remove redundant explicit returns, rustfmt

* rearrange constants, update comments, error message

* override charset on duo state column to ascii for mysql

* Reduce twofactor_duo_ctx state/nonce column size in postgres and maria

* Add fixes suggested by clippy

* rustfmt

* Update to use the make_http_request

* Don't handle OrganizationDuo

* move Duo API endpoint fmt strings out of macros and into format! calls

* Add missing indentation

Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>

* remove redundant expiry check when purging Duo contexts

---------

Co-authored-by: BlackDex <black.dex@gmail.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
2024-07-24 16:50:35 +02:00
.github Switch registry cache compression algorithm to zstd (#4704) 2024-07-08 23:27:39 +02:00
docker Fix Dockerfile linter warnings (#4763) 2024-07-24 00:28:07 +02:00
migrations Add support for MFA with Duo's Universal Prompt (#4637) 2024-07-24 16:50:35 +02:00
resources use a custom 404 page 2022-12-05 00:08:46 +01:00
src Add support for MFA with Duo's Universal Prompt (#4637) 2024-07-24 16:50:35 +02:00
tools Change API and structs to camelCase (#4386) 2024-06-23 21:31:02 +02:00
.dockerignore Update async to prepare for main merge 2022-02-22 20:00:33 +01:00
.editorconfig Misc changes. 2021-03-30 21:45:10 +02:00
.env.template Add support for MFA with Duo's Universal Prompt (#4637) 2024-07-24 16:50:35 +02:00
.gitattributes Just ignore scripts 2021-04-01 20:44:58 +01:00
.gitignore Rename included .env file to .env.template and ignored .env 2019-01-06 22:50:30 +01:00
.hadolint.yaml Container building changes (#3958) 2023-10-23 00:18:38 +02:00
.pre-commit-config.yaml Container building changes (#3958) 2023-10-23 00:18:38 +02:00
build.rs Fix some nightly build errors (#4657) 2024-06-20 09:35:52 +02:00
Cargo.lock Update crates & fix crate vulnerability (#4771) 2024-07-24 00:26:39 +02:00
Cargo.toml Update crates & fix crate vulnerability (#4771) 2024-07-24 00:26:39 +02:00
diesel.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 2018-06-12 17:30:36 +02:00
Dockerfile Container building changes (#3958) 2023-10-23 00:18:38 +02:00
LICENSE.txt Re-License Vaultwarden to AGPLv3 2023-01-24 20:49:11 +01:00
README.md Update README.md 2024-01-01 19:44:52 +01:00
rust-toolchain.toml Update rust and remove unused header values (#4645) 2024-06-16 22:05:17 +02:00
rustfmt.toml Upd Crates, Rust, MSRV, GHA and remove Backtrace 2023-03-07 09:17:42 +01:00
SECURITY.md Adding a SECURITY.md 2021-06-26 11:49:00 +02:00

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.


Build ghcr.io Docker Pulls Quay.io Dependency Status GitHub Release AGPL-3.0 Licensed Matrix Chat

Image is based on Rust implementation of Bitwarden API.

This project is not associated with the Bitwarden project nor Bitwarden, Inc.

⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.


Features

Basically full implementation of Bitwarden API is provided including:

  • Organizations support
  • Attachments and Send
  • Vault API support
  • Serving the static files for Vault interface
  • Website icons API
  • Authenticator and U2F support
  • YubiKey and Duo support
  • Emergency Access

Installation

Pull the docker image and mount a volume from the host for persistent storage:

docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest

This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.

IMPORTANT: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault via HTTPS or localhost.

This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).

Usage

See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.

Get in touch

To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use GitHub Discussions or the forum.

If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure you are on the latest version and there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!

Sponsors

Thanks for your contribution to the project!

Chris Alfano
Numberly
IQ333777