Merge branch 'master' into alpine

.travis.yml

@@ -0,0 +1,7 @@
+# Copied from Rocket's .travis.yml
+language: rust
+sudo: required # so we get a VM with higher specs
+dist: trusty # so we get a VM with higher specs
+cache: cargo
+rust:
+- nightly

Cargo.toml

@@ -5,27 +5,27 @@ authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
 
 [dependencies]
 # Web framework for nightly with a focus on ease-of-use, expressibility, and speed.
-rocket = { version = "0.3.15", features = ["tls"] }
-rocket_codegen = "0.3.15"
-rocket_contrib = "0.3.15"
+rocket = { version = "0.3.16", features = ["tls"] }
+rocket_codegen = "0.3.16"
+rocket_contrib = "0.3.16"
 
 # HTTP client
-reqwest = "0.8.6"
+reqwest = "0.8.8"
 
 # multipart/form-data support
-multipart = "0.15.0"
+multipart = "0.15.2"
 
 # A generic serialization/deserialization framework
-serde = "1.0.70"
-serde_derive = "1.0.70"
-serde_json = "1.0.24"
+serde = "1.0.74"
+serde_derive = "1.0.74"
+serde_json = "1.0.26"
 
 # A safe, extensible ORM and Query builder
 diesel = { version = "1.3.2", features = ["sqlite", "chrono", "r2d2"] }
 diesel_migrations = { version = "1.3.0", features = ["sqlite"] }
 
 # Bundled SQLite
-libsqlite3-sys = { version = "0.9.1", features = ["bundled"] }
+libsqlite3-sys = { version = "0.9.3", features = ["bundled"] }
 
 # Crypto library
 ring = { version = "= 0.11.0", features = ["rsa_signing"] }
@@ -34,7 +34,7 @@ ring = { version = "= 0.11.0", features = ["rsa_signing"] }
 uuid = { version = "0.6.5", features = ["v4"] }
 
 # Date and time library for Rust
-chrono = "0.4.4"
+chrono = "0.4.5"
 
 # TOTP library
 oath = "0.10.2"
@@ -52,7 +52,7 @@ u2f = "0.1.2"
 dotenv = { version = "0.13.0", default-features = false }
 
 # Lazy static macro
-lazy_static = "1.0.2"
+lazy_static = "1.1.0"
 
 # Numerical libraries
 num-traits = "0.2.5"

README.md

@@ -1,9 +1,19 @@
-This is Bitwarden server API implementation written in rust compatible with [upstream Bitwarden clients](https://bitwarden.com/#download)*, ideal for self-hosted deployment where running official resource-heavy service might not be ideal.
+### This is a Bitwarden server API implementation written in Rust compatible with [upstream Bitwarden clients](https://bitwarden.com/#download)*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
+
+---
+
+[![Travis Build Status](https://travis-ci.org/dani-garcia/bitwarden_rs.svg?branch=master)](https://travis-ci.org/dani-garcia/bitwarden_rs)
+[![Dependency Status](https://deps.rs/repo/github/dani-garcia/bitwarden_rs/status.svg)](https://deps.rs/repo/github/dani-garcia/bitwarden_rs)
+[![GitHub Release](https://img.shields.io/github/release/dani-garcia/bitwarden_rs.svg)](https://github.com/dani-garcia/bitwarden_rs/releases/latest)
+[![GPL-3.0 Licensed](https://img.shields.io/github/license/dani-garcia/bitwarden_rs.svg)](https://github.com/dani-garcia/bitwarden_rs/blob/master/LICENSE.txt)
+[![Matrix Chat](https://matrix.to/img/matrix-badge.svg)](https://matrix.to/#/#bitwarden_rs:matrix.org)
 
 Image is based on [Rust implementation of Bitwarden API](https://github.com/dani-garcia/bitwarden_rs).
 
 _*Note, that this project is not associated with the [Bitwarden](https://bitwarden.com/) project nor 8bit Solutions LLC._
 
+---
+
 **Table of contents**
 
 - [Features](#features)

rust-toolchain

@@ -1 +1 @@
-nightly-2018-07-18
+nightly-2018-08-24

src/api/core/accounts.rs

@@ -275,3 +275,31 @@ fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResul
         None => Ok(()),
     }
 }
+
+#[derive(Deserialize)]
+#[allow(non_snake_case)]
+struct PreloginData {
+    Email: String,
+}
+
+#[post("/accounts/prelogin", data = "<data>")]
+fn prelogin(data: JsonUpcase<PreloginData>, conn: DbConn) -> JsonResult {
+    let data: PreloginData = data.into_inner().data;
+
+    match User::find_by_mail(&data.Email, &conn) {
+        Some(user) => {
+            let kdf_type = 0; // PBKDF2: 0
+
+            let _server_iter = user.password_iterations;
+            let client_iter = 5000; // TODO: Make iterations user configurable
+
+            
+            Ok(Json(json!({
+                "Kdf": kdf_type,
+                "KdfIterations": client_iter
+            })))
+        },
+        None => err!("Invalid user"),
+    }
+}
+

src/api/core/mod.rs

@@ -25,6 +25,7 @@ pub fn routes() -> Vec<Route> {
         delete_account,
         revision_date,
         password_hint,
+        prelogin,
 
         sync,
 

src/api/mod.rs

@@ -2,11 +2,13 @@ pub(crate) mod core;
 mod icons;
 mod identity;
 mod web;
+mod notifications;
 
 pub use self::core::routes as core_routes;
 pub use self::icons::routes as icons_routes;
 pub use self::identity::routes as identity_routes;
 pub use self::web::routes as web_routes;
+pub use self::notifications::routes as notifications_routes;
 
 use rocket::response::status::BadRequest;
 use rocket_contrib::Json;

src/api/notifications.rs

@@ -0,0 +1,31 @@
+use rocket::Route;
+use rocket_contrib::Json;
+
+use db::DbConn;
+use api::JsonResult;
+use auth::Headers;
+
+pub fn routes() -> Vec<Route> {
+    routes![negotiate]
+}
+
+#[post("/hub/negotiate")]
+fn negotiate(_headers: Headers, _conn: DbConn) -> JsonResult {
+    use data_encoding::BASE64URL;
+    use crypto;
+
+    // Store this in db?
+    let conn_id = BASE64URL.encode(&crypto::get_random(vec![0u8; 16]));
+
+    // TODO: Implement transports
+    // Rocket WS support: https://github.com/SergioBenitez/Rocket/issues/90
+    // Rocket SSE support: https://github.com/SergioBenitez/Rocket/issues/33
+    Ok(Json(json!({
+        "connectionId": conn_id,
+        "availableTransports":[
+                // {"transport":"WebSockets", "transferFormats":["Text","Binary"]},
+                // {"transport":"ServerSentEvents", "transferFormats":["Text"]},
+                // {"transport":"LongPolling", "transferFormats":["Text","Binary"]}
+        ]
+    })))
+}

src/main.rs

@@ -45,6 +45,7 @@ fn init_rocket() -> Rocket {
         .mount("/api", api::core_routes())
         .mount("/identity", api::identity_routes())
         .mount("/icons", api::icons_routes())
+        .mount("/notifications", api::notifications_routes())
         .manage(db::init_pool())
 }