geforkt von mirrored/vaultwarden
Formatting
Dieser Commit ist enthalten in:
Ursprung
4cec502f7b
Commit
a0ece3754b
13 geänderte Dateien mit 29 neuen und 67 gelöschten Zeilen
|
@ -1 +1,2 @@
|
||||||
|
version = "Two"
|
||||||
max_width = 120
|
max_width = 120
|
||||||
|
|
|
@ -110,7 +110,7 @@ struct AdminTemplateData {
|
||||||
users: Vec<Value>,
|
users: Vec<Value>,
|
||||||
config: Value,
|
config: Value,
|
||||||
can_backup: bool,
|
can_backup: bool,
|
||||||
logged_in: bool
|
logged_in: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl AdminTemplateData {
|
impl AdminTemplateData {
|
||||||
|
@ -121,7 +121,7 @@ impl AdminTemplateData {
|
||||||
users,
|
users,
|
||||||
config: CONFIG.prepare_json(),
|
config: CONFIG.prepare_json(),
|
||||||
can_backup: *CAN_BACKUP,
|
can_backup: *CAN_BACKUP,
|
||||||
logged_in: true
|
logged_in: true,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -149,11 +149,10 @@ fn hibp_breach(username: String) -> JsonResult {
|
||||||
use reqwest::{header::USER_AGENT, Client};
|
use reqwest::{header::USER_AGENT, Client};
|
||||||
|
|
||||||
if let Some(api_key) = crate::CONFIG.hibp_api_key() {
|
if let Some(api_key) = crate::CONFIG.hibp_api_key() {
|
||||||
let hibp_client = Client::builder()
|
let hibp_client = Client::builder().use_sys_proxy().build()?;
|
||||||
.use_sys_proxy()
|
|
||||||
.build()?;
|
|
||||||
|
|
||||||
let res = hibp_client.get(&url)
|
let res = hibp_client
|
||||||
|
.get(&url)
|
||||||
.header(USER_AGENT, user_agent)
|
.header(USER_AGENT, user_agent)
|
||||||
.header("hibp-api-key", api_key)
|
.header("hibp-api-key", api_key)
|
||||||
.send()?;
|
.send()?;
|
||||||
|
|
|
@ -16,11 +16,7 @@ use crate::error::MapResult;
|
||||||
use crate::CONFIG;
|
use crate::CONFIG;
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
routes![
|
routes![get_duo, activate_duo, activate_duo_put,]
|
||||||
get_duo,
|
|
||||||
activate_duo,
|
|
||||||
activate_duo_put,
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
|
|
|
@ -18,12 +18,7 @@ use chrono::{Duration, NaiveDateTime, Utc};
|
||||||
use std::ops::Add;
|
use std::ops::Add;
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
routes![
|
routes![get_email, send_email_login, send_email, email,]
|
||||||
get_email,
|
|
||||||
send_email_login,
|
|
||||||
send_email,
|
|
||||||
email,
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize)]
|
||||||
|
|
|
@ -16,11 +16,7 @@ use crate::error::{Error, MapResult};
|
||||||
use crate::CONFIG;
|
use crate::CONFIG;
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
routes![
|
routes![generate_yubikey, activate_yubikey, activate_yubikey_put,]
|
||||||
generate_yubikey,
|
|
||||||
activate_yubikey,
|
|
||||||
activate_yubikey_put,
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize, Debug)]
|
#[derive(Deserialize, Debug)]
|
||||||
|
|
|
@ -391,7 +391,7 @@ fn download_icon(domain: &str) -> Result<Vec<u8>, Error> {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
_ => warn!("data uri is invalid")
|
_ => warn!("data uri is invalid"),
|
||||||
};
|
};
|
||||||
} else {
|
} else {
|
||||||
match get_page_with_cookies(&icon.href, &cookie_str) {
|
match get_page_with_cookies(&icon.href, &cookie_str) {
|
||||||
|
|
|
@ -7,8 +7,8 @@ use rocket::Route;
|
||||||
use rocket_contrib::json::Json;
|
use rocket_contrib::json::Json;
|
||||||
use serde_json::Value;
|
use serde_json::Value;
|
||||||
|
|
||||||
use crate::util::Cached;
|
|
||||||
use crate::error::Error;
|
use crate::error::Error;
|
||||||
|
use crate::util::Cached;
|
||||||
use crate::CONFIG;
|
use crate::CONFIG;
|
||||||
|
|
||||||
pub fn routes() -> Vec<Route> {
|
pub fn routes() -> Vec<Route> {
|
||||||
|
@ -23,9 +23,7 @@ pub fn routes() -> Vec<Route> {
|
||||||
|
|
||||||
#[get("/")]
|
#[get("/")]
|
||||||
fn web_index() -> Cached<Option<NamedFile>> {
|
fn web_index() -> Cached<Option<NamedFile>> {
|
||||||
Cached::short(NamedFile::open(
|
Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("index.html")).ok())
|
||||||
Path::new(&CONFIG.web_vault_folder()).join("index.html"),
|
|
||||||
).ok())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/app-id.json")]
|
#[get("/app-id.json")]
|
||||||
|
|
|
@ -156,9 +156,7 @@ pub struct DeleteJWTClaims {
|
||||||
pub sub: String,
|
pub sub: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn generate_delete_claims(
|
pub fn generate_delete_claims(uuid: String) -> DeleteJWTClaims {
|
||||||
uuid: String,
|
|
||||||
) -> DeleteJWTClaims {
|
|
||||||
let time_now = Utc::now().naive_utc();
|
let time_now = Utc::now().naive_utc();
|
||||||
DeleteJWTClaims {
|
DeleteJWTClaims {
|
||||||
nbf: time_now.timestamp(),
|
nbf: time_now.timestamp(),
|
||||||
|
@ -180,9 +178,7 @@ pub struct VerifyEmailJWTClaims {
|
||||||
pub sub: String,
|
pub sub: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn generate_verify_email_claims(
|
pub fn generate_verify_email_claims(uuid: String) -> DeleteJWTClaims {
|
||||||
uuid: String,
|
|
||||||
) -> DeleteJWTClaims {
|
|
||||||
let time_now = Utc::now().naive_utc();
|
let time_now = Utc::now().naive_utc();
|
||||||
DeleteJWTClaims {
|
DeleteJWTClaims {
|
||||||
nbf: time_now.timestamp(),
|
nbf: time_now.timestamp(),
|
||||||
|
|
|
@ -378,7 +378,6 @@ make_config! {
|
||||||
|
|
||||||
fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
|
fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
|
||||||
let db_url = cfg.database_url.to_lowercase();
|
let db_url = cfg.database_url.to_lowercase();
|
||||||
|
|
||||||
if cfg!(feature = "sqlite") && (db_url.starts_with("mysql:") || db_url.starts_with("postgresql:")) {
|
if cfg!(feature = "sqlite") && (db_url.starts_with("mysql:") || db_url.starts_with("postgresql:")) {
|
||||||
err!("`DATABASE_URL` is meant for MySQL or Postgres, while this server is meant for SQLite")
|
err!("`DATABASE_URL` is meant for MySQL or Postgres, while this server is meant for SQLite")
|
||||||
}
|
}
|
||||||
|
@ -447,12 +446,7 @@ impl Config {
|
||||||
validate_config(&config)?;
|
validate_config(&config)?;
|
||||||
|
|
||||||
Ok(Config {
|
Ok(Config {
|
||||||
inner: RwLock::new(Inner {
|
inner: RwLock::new(Inner { templates: load_templates(&config.templates_folder), config, _env, _usr }),
|
||||||
templates: load_templates(&config.templates_folder),
|
|
||||||
config,
|
|
||||||
_env,
|
|
||||||
_usr,
|
|
||||||
}),
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -500,9 +494,8 @@ impl Config {
|
||||||
let e: Vec<&str> = email.rsplitn(2, '@').collect();
|
let e: Vec<&str> = email.rsplitn(2, '@').collect();
|
||||||
if e.len() != 2 || e[0].is_empty() || e[1].is_empty() {
|
if e.len() != 2 || e[0].is_empty() || e[1].is_empty() {
|
||||||
warn!("Failed to parse email address '{}'", email);
|
warn!("Failed to parse email address '{}'", email);
|
||||||
return false
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
self.signups_domains_whitelist().split(',').any(|d| d == e[0])
|
self.signups_domains_whitelist().split(',').any(|d| d == e[0])
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -634,9 +627,7 @@ impl HelperDef for CaseHelper {
|
||||||
rc: &mut RenderContext<'reg>,
|
rc: &mut RenderContext<'reg>,
|
||||||
out: &mut dyn Output,
|
out: &mut dyn Output,
|
||||||
) -> HelperResult {
|
) -> HelperResult {
|
||||||
let param = h
|
let param = h.param(0).ok_or_else(|| RenderError::new("Param not found for helper \"case\""))?;
|
||||||
.param(0)
|
|
||||||
.ok_or_else(|| RenderError::new("Param not found for helper \"case\""))?;
|
|
||||||
let value = param.value().clone();
|
let value = param.value().clone();
|
||||||
|
|
||||||
if h.params().iter().skip(1).any(|x| x.value() == &value) {
|
if h.params().iter().skip(1).any(|x| x.value() == &value) {
|
||||||
|
@ -658,14 +649,10 @@ impl HelperDef for JsEscapeHelper {
|
||||||
_: &mut RenderContext<'reg>,
|
_: &mut RenderContext<'reg>,
|
||||||
out: &mut dyn Output,
|
out: &mut dyn Output,
|
||||||
) -> HelperResult {
|
) -> HelperResult {
|
||||||
let param = h
|
let param = h.param(0).ok_or_else(|| RenderError::new("Param not found for helper \"js_escape\""))?;
|
||||||
.param(0)
|
|
||||||
.ok_or_else(|| RenderError::new("Param not found for helper \"js_escape\""))?;
|
|
||||||
|
|
||||||
let value = param
|
let value =
|
||||||
.value()
|
param.value().as_str().ok_or_else(|| RenderError::new("Param for helper \"js_escape\" is not a String"))?;
|
||||||
.as_str()
|
|
||||||
.ok_or_else(|| RenderError::new("Param for helper \"js_escape\" is not a String"))?;
|
|
||||||
|
|
||||||
let escaped_value = value.replace('\\', "").replace('\'', "\\x22").replace('\"', "\\x27");
|
let escaped_value = value.replace('\\', "").replace('\'', "\\x22").replace('\"', "\\x27");
|
||||||
let quoted_value = format!(""{}"", escaped_value);
|
let quoted_value = format!(""{}"", escaped_value);
|
||||||
|
|
|
@ -2,9 +2,9 @@
|
||||||
// PBKDF2 derivation
|
// PBKDF2 derivation
|
||||||
//
|
//
|
||||||
|
|
||||||
|
use crate::error::Error;
|
||||||
use ring::{digest, hmac, pbkdf2};
|
use ring::{digest, hmac, pbkdf2};
|
||||||
use std::num::NonZeroU32;
|
use std::num::NonZeroU32;
|
||||||
use crate::error::Error;
|
|
||||||
|
|
||||||
static DIGEST_ALG: &digest::Algorithm = &digest::SHA256;
|
static DIGEST_ALG: &digest::Algorithm = &digest::SHA256;
|
||||||
const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN;
|
const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN;
|
||||||
|
|
|
@ -94,7 +94,7 @@ impl std::fmt::Debug for Error {
|
||||||
} else {
|
} else {
|
||||||
write!(f, "{}. {}", self.message, s)
|
write!(f, "{}. {}", self.message, s)
|
||||||
}
|
}
|
||||||
},
|
}
|
||||||
ErrorKind::JsonError(_) => write!(f, "{}", self.message),
|
ErrorKind::JsonError(_) => write!(f, "{}", self.message),
|
||||||
_ => unreachable!(),
|
_ => unreachable!(),
|
||||||
},
|
},
|
||||||
|
|
14
src/mail.rs
14
src/mail.rs
|
@ -8,7 +8,7 @@ use percent_encoding::{percent_encode, NON_ALPHANUMERIC};
|
||||||
use quoted_printable::encode_to_str;
|
use quoted_printable::encode_to_str;
|
||||||
|
|
||||||
use crate::api::EmptyResult;
|
use crate::api::EmptyResult;
|
||||||
use crate::auth::{encode_jwt, generate_invite_claims, generate_delete_claims, generate_verify_email_claims};
|
use crate::auth::{encode_jwt, generate_delete_claims, generate_invite_claims, generate_verify_email_claims};
|
||||||
use crate::error::Error;
|
use crate::error::Error;
|
||||||
use crate::CONFIG;
|
use crate::CONFIG;
|
||||||
use chrono::NaiveDateTime;
|
use chrono::NaiveDateTime;
|
||||||
|
@ -96,9 +96,7 @@ pub fn send_password_hint(address: &str, hint: Option<String>) -> EmptyResult {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult {
|
pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult {
|
||||||
let claims = generate_delete_claims(
|
let claims = generate_delete_claims(uuid.to_string());
|
||||||
uuid.to_string(),
|
|
||||||
);
|
|
||||||
let delete_token = encode_jwt(&claims);
|
let delete_token = encode_jwt(&claims);
|
||||||
|
|
||||||
let (subject, body_html, body_text) = get_text(
|
let (subject, body_html, body_text) = get_text(
|
||||||
|
@ -115,9 +113,7 @@ pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn send_verify_email(address: &str, uuid: &str) -> EmptyResult {
|
pub fn send_verify_email(address: &str, uuid: &str) -> EmptyResult {
|
||||||
let claims = generate_verify_email_claims(
|
let claims = generate_verify_email_claims(uuid.to_string());
|
||||||
uuid.to_string(),
|
|
||||||
);
|
|
||||||
let verify_email_token = encode_jwt(&claims);
|
let verify_email_token = encode_jwt(&claims);
|
||||||
|
|
||||||
let (subject, body_html, body_text) = get_text(
|
let (subject, body_html, body_text) = get_text(
|
||||||
|
@ -145,9 +141,7 @@ pub fn send_welcome(address: &str) -> EmptyResult {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn send_welcome_must_verify(address: &str, uuid: &str) -> EmptyResult {
|
pub fn send_welcome_must_verify(address: &str, uuid: &str) -> EmptyResult {
|
||||||
let claims = generate_verify_email_claims(
|
let claims = generate_verify_email_claims(uuid.to_string());
|
||||||
uuid.to_string(),
|
|
||||||
);
|
|
||||||
let verify_email_token = encode_jwt(&claims);
|
let verify_email_token = encode_jwt(&claims);
|
||||||
|
|
||||||
let (subject, body_html, body_text) = get_text(
|
let (subject, body_html, body_text) = get_text(
|
||||||
|
|
Laden …
In neuem Issue referenzieren