geforkt von mirrored/vaultwarden
Improve domain detection, should fix attachment problems. Otherwise, set the DOMAIN
env variable to the correct domain
Dieser Commit ist enthalten in:
Ursprung
dae92b9018
Commit
4f6f510bd4
3 geänderte Dateien mit 36 neuen und 8 gelöschten Zeilen
6
.env
6
.env
|
@ -27,6 +27,12 @@
|
||||||
## The change only applies when the password is changed
|
## The change only applies when the password is changed
|
||||||
# PASSWORD_ITERATIONS=100000
|
# PASSWORD_ITERATIONS=100000
|
||||||
|
|
||||||
|
## Domain settings
|
||||||
|
## The domain must match the address from where you access the server
|
||||||
|
## Unless you are using U2F, or having problems with attachments not downloading, there is no need to change this
|
||||||
|
## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs
|
||||||
|
# DOMAIN=https://bw.domain.tld:8443
|
||||||
|
|
||||||
## Rocket specific settings, check Rocket documentation to learn more
|
## Rocket specific settings, check Rocket documentation to learn more
|
||||||
# ROCKET_ENV=staging
|
# ROCKET_ENV=staging
|
||||||
# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
|
# ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app
|
||||||
|
|
28
src/auth.rs
28
src/auth.rs
|
@ -109,14 +109,32 @@ impl<'a, 'r> FromRequest<'a, 'r> for Headers {
|
||||||
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
|
fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
|
||||||
let headers = request.headers();
|
let headers = request.headers();
|
||||||
|
|
||||||
|
println!("{:#?}", headers);
|
||||||
|
|
||||||
// Get host
|
// Get host
|
||||||
let host = match headers.get_one("Host") {
|
let host = if CONFIG.domain_set {
|
||||||
Some(host) => {
|
CONFIG.domain.clone()
|
||||||
|
} else if let Some(referer) = headers.get_one("Referer") {
|
||||||
|
referer.to_string()
|
||||||
|
} else {
|
||||||
|
// Try to guess from the headers
|
||||||
use std::env;
|
use std::env;
|
||||||
let protocol = if env::var("ROCKET_TLS").is_ok() {"https"} else {"http"};
|
|
||||||
|
let protocol = if let Some(proto) = headers.get_one("X-Forwarded-Proto") {
|
||||||
|
proto
|
||||||
|
} else if env::var("ROCKET_TLS").is_ok() {
|
||||||
|
"https"
|
||||||
|
} else {
|
||||||
|
"http"
|
||||||
|
};
|
||||||
|
|
||||||
|
let host = if let Some(host) = headers.get_one("Host") {
|
||||||
|
host
|
||||||
|
} else {
|
||||||
|
""
|
||||||
|
};
|
||||||
|
|
||||||
format!("{}://{}", protocol, host)
|
format!("{}://{}", protocol, host)
|
||||||
},
|
|
||||||
_ => String::new()
|
|
||||||
};
|
};
|
||||||
|
|
||||||
// Get access_token
|
// Get access_token
|
||||||
|
|
|
@ -165,6 +165,7 @@ pub struct Config {
|
||||||
signups_allowed: bool,
|
signups_allowed: bool,
|
||||||
password_iterations: i32,
|
password_iterations: i32,
|
||||||
domain: String,
|
domain: String,
|
||||||
|
domain_set: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Config {
|
impl Config {
|
||||||
|
@ -174,6 +175,8 @@ impl Config {
|
||||||
let df = env::var("DATA_FOLDER").unwrap_or("data".into());
|
let df = env::var("DATA_FOLDER").unwrap_or("data".into());
|
||||||
let key = env::var("RSA_KEY_FILENAME").unwrap_or(format!("{}/{}", &df, "rsa_key"));
|
let key = env::var("RSA_KEY_FILENAME").unwrap_or(format!("{}/{}", &df, "rsa_key"));
|
||||||
|
|
||||||
|
let domain = env::var("DOMAIN");
|
||||||
|
|
||||||
Config {
|
Config {
|
||||||
database_url: env::var("DATABASE_URL").unwrap_or(format!("{}/{}", &df, "db.sqlite3")),
|
database_url: env::var("DATABASE_URL").unwrap_or(format!("{}/{}", &df, "db.sqlite3")),
|
||||||
icon_cache_folder: env::var("ICON_CACHE_FOLDER").unwrap_or(format!("{}/{}", &df, "icon_cache")),
|
icon_cache_folder: env::var("ICON_CACHE_FOLDER").unwrap_or(format!("{}/{}", &df, "icon_cache")),
|
||||||
|
@ -189,7 +192,8 @@ impl Config {
|
||||||
local_icon_extractor: util::parse_option_string(env::var("LOCAL_ICON_EXTRACTOR").ok()).unwrap_or(false),
|
local_icon_extractor: util::parse_option_string(env::var("LOCAL_ICON_EXTRACTOR").ok()).unwrap_or(false),
|
||||||
signups_allowed: util::parse_option_string(env::var("SIGNUPS_ALLOWED").ok()).unwrap_or(true),
|
signups_allowed: util::parse_option_string(env::var("SIGNUPS_ALLOWED").ok()).unwrap_or(true),
|
||||||
password_iterations: util::parse_option_string(env::var("PASSWORD_ITERATIONS").ok()).unwrap_or(100_000),
|
password_iterations: util::parse_option_string(env::var("PASSWORD_ITERATIONS").ok()).unwrap_or(100_000),
|
||||||
domain: env::var("DOMAIN").unwrap_or("https://localhost".into()),
|
domain_set: domain.is_ok(),
|
||||||
|
domain: domain.unwrap_or("http://localhost".into()),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Laden …
In neuem Issue referenzieren