geforkt von mirrored/vaultwarden
Merge branch 'master' into rocket-0.4
# Conflicts: # src/api/core/mod.rs
Dieser Commit ist enthalten in:
Commit
4638786507
3 geänderte Dateien mit 24 neuen und 16 gelöschten Zeilen
|
@ -79,7 +79,7 @@ RUN cargo build --release --target=aarch64-unknown-linux-gnu -v
|
||||||
######################## RUNTIME IMAGE ########################
|
######################## RUNTIME IMAGE ########################
|
||||||
# Create a new stage with a minimal image
|
# Create a new stage with a minimal image
|
||||||
# because we already have a binary built
|
# because we already have a binary built
|
||||||
FROM resin/aarch64-debian:stretch
|
FROM balenalib/aarch64-debian:stretch
|
||||||
|
|
||||||
ENV ROCKET_ENV "staging"
|
ENV ROCKET_ENV "staging"
|
||||||
ENV ROCKET_PORT=80
|
ENV ROCKET_PORT=80
|
||||||
|
|
|
@ -79,7 +79,7 @@ RUN cargo build --release --target=armv7-unknown-linux-gnueabihf -v
|
||||||
######################## RUNTIME IMAGE ########################
|
######################## RUNTIME IMAGE ########################
|
||||||
# Create a new stage with a minimal image
|
# Create a new stage with a minimal image
|
||||||
# because we already have a binary built
|
# because we already have a binary built
|
||||||
FROM resin/armv7hf-debian:stretch
|
FROM balenalib/armv7hf-debian:stretch
|
||||||
|
|
||||||
ENV ROCKET_ENV "staging"
|
ENV ROCKET_ENV "staging"
|
||||||
ENV ROCKET_PORT=80
|
ENV ROCKET_PORT=80
|
||||||
|
|
|
@ -27,6 +27,7 @@ pub fn routes() -> Vec<Route> {
|
||||||
activate_authenticator,
|
activate_authenticator,
|
||||||
activate_authenticator_put,
|
activate_authenticator_put,
|
||||||
generate_u2f,
|
generate_u2f,
|
||||||
|
generate_u2f_challenge,
|
||||||
activate_u2f,
|
activate_u2f,
|
||||||
activate_u2f_put,
|
activate_u2f_put,
|
||||||
]
|
]
|
||||||
|
@ -272,24 +273,31 @@ fn generate_u2f(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn)
|
||||||
let user_uuid = &headers.user.uuid;
|
let user_uuid = &headers.user.uuid;
|
||||||
|
|
||||||
let u2f_type = TwoFactorType::U2f as i32;
|
let u2f_type = TwoFactorType::U2f as i32;
|
||||||
let register_type = TwoFactorType::U2fRegisterChallenge;
|
let enabled = TwoFactor::find_by_user_and_type(user_uuid, u2f_type, &conn).is_some();
|
||||||
let (enabled, challenge) = match TwoFactor::find_by_user_and_type(user_uuid, u2f_type, &conn) {
|
|
||||||
Some(_) => (true, String::new()),
|
|
||||||
None => {
|
|
||||||
let c = _create_u2f_challenge(user_uuid, register_type, &conn);
|
|
||||||
(false, c.challenge)
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
Ok(Json(json!({
|
Ok(Json(json!({
|
||||||
"Enabled": enabled,
|
"Enabled": enabled,
|
||||||
"Challenge": {
|
"Object": "twoFactorU2f"
|
||||||
|
})))
|
||||||
|
}
|
||||||
|
|
||||||
|
#[post("/two-factor/get-u2f-challenge", data = "<data>")]
|
||||||
|
fn generate_u2f_challenge(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -> JsonResult {
|
||||||
|
let data: PasswordData = data.into_inner().data;
|
||||||
|
|
||||||
|
if !headers.user.check_valid_password(&data.MasterPasswordHash) {
|
||||||
|
err!("Invalid password");
|
||||||
|
}
|
||||||
|
|
||||||
|
let user_uuid = &headers.user.uuid;
|
||||||
|
|
||||||
|
let challenge = _create_u2f_challenge(user_uuid, TwoFactorType::U2fRegisterChallenge, &conn).challenge;
|
||||||
|
|
||||||
|
Ok(Json(json!({
|
||||||
"UserId": headers.user.uuid,
|
"UserId": headers.user.uuid,
|
||||||
"AppId": APP_ID.to_string(),
|
"AppId": APP_ID.to_string(),
|
||||||
"Challenge": challenge,
|
"Challenge": challenge,
|
||||||
"Version": U2F_VERSION,
|
"Version": U2F_VERSION,
|
||||||
},
|
|
||||||
"Object": "twoFactorU2f"
|
|
||||||
})))
|
})))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Laden …
In neuem Issue referenzieren