vpl
2edecf34ff
Use user_uuid instead of mut twofactor
2019-10-15 21:20:19 +02:00
vpl
18bc8331f9
Send email when preparing 2FA JsonError
2019-10-15 21:19:49 +02:00
BlackDex
603a964579
Fixed issue #663 .
...
During the 2fa activation there is no twofactor record yet.
Changed the layout a bit so that it will generate a new twofactor record
when it does not exists yet. Else it will just update the already
existing record.
2019-10-14 00:32:44 +02:00
BlackDex
9466f02696
Recoded TOTP time drift validation
2019-10-12 15:28:28 +02:00
BlackDex
d989a19f76
Merge branch 'master' of https://github.com/dani-garcia/bitwarden_rs into totp-timedrift
2019-10-11 11:22:13 +02:00
Daniel García
d292269ea0
Make the blacklist logic be cached
2019-10-10 23:21:22 +02:00
BlackDex
ebf40099f2
Updated authenticator TOTP
...
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
2019-10-10 17:32:20 +02:00
BlackDex
edc482c8ea
Changed HIBP Error message.
...
- Moved the manual link to the check to the top.
- Clearified that hibp is a payed service.
- Changed error logo to hibp logo.
2019-10-08 22:29:12 +02:00
BlackDex
6e5c03cc78
Some modification when no HIBP API Key is set
...
- Added an URL with the useraccount for manual check.
- Added support for HTTP(S)_PROXY for hibp.
2019-10-08 21:39:11 +02:00
Daniel García
e6b763026e
Merge branch 'master' into icon-security
2019-10-05 16:45:36 +02:00
BlackDex
be2916333b
Fixed issue #565
...
Issue fixed by omitting the cookie header when cookie_str is empty
2019-10-05 15:45:09 +02:00
BlackDex
9124d8a3fb
Updated icon blacklisting.
...
- Blacklisting was not effective for redirects and rel href
- Able to blacklist non global IP's like RFC1918, multicast etc...
2019-10-05 14:48:15 +02:00
Miro Prasil
d6e9af909b
Remove the unnecessary check for sqlite
...
The binary we use is called `sqlite3` so no need to check for other
name variants as we won't use those anyways.
2019-10-01 10:40:22 +01:00
Miro Prasil
acdd42935b
Add sqlite binary into the docker images
...
This is done to enable backup functionality in the admin interface while
we're waiting for the libsqlite-sys 0.17 to bubble up in the upstream
dependencies. Then we can start using `VACUUM INTO`
This also extends the check for the sqlite binary to also try `sqlite3`
as this is the name of the binary in baseimage distributions we use.
2019-09-30 13:54:06 +01:00
Daniel García
4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder.
...
Removed unnecessary returns
2019-09-17 21:05:56 +02:00
Daniel García
df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
2019-09-05 21:56:12 +02:00
Daniel García
e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
2019-08-31 17:47:52 +02:00
Daniel García
bfc517ee80
Remove unused warning
2019-08-31 17:26:16 +02:00
Daniel García
4a7d2a1e28
Rename static files endpoint
2019-08-31 17:25:31 +02:00
vpl
5d50b1ee3c
Merge remote-tracking branch 'upstream/master' into email-codes
2019-08-26 21:38:45 +02:00
vpl
c99df1c310
Compare token using crypto::ct_eq
2019-08-26 20:26:59 +02:00
vpl
591ae10144
Get token from single u64
2019-08-26 20:26:54 +02:00
Daniel García
026f9da035
Allow removing users two factors
2019-08-21 17:13:06 +02:00
Daniel García
515b87755a
Update HIBP to v3, requires paid API key, fixes #583
2019-08-20 20:07:12 +02:00
vpl
ee7837d022
Add option to require new device emails
2019-08-19 22:14:00 +02:00
Daniel García
07743e490b
Ignore error sending device email
2019-08-18 19:32:26 +02:00
BlackDex
e7b6238f43
Added reqwest proxy support
2019-08-12 17:24:32 +02:00
vpl
ad2225b6e5
Add configuration options for Email 2FA
2019-08-10 22:39:04 +02:00
vpl
5609103a97
Use ring to generate email token
2019-08-06 22:38:08 +02:00
vpl
6d460b44b0
Use saved token for email 2fa codes
2019-08-04 17:21:57 +02:00
vpl
efd8d9f528
Remove some unused imports, unneeded mut variables
2019-08-04 16:56:41 +02:00
vpl
29aedd388e
Add email code logic and move two_factor into separate modules
2019-08-04 16:56:41 +02:00
vpl
27e0e41835
Add email authenticator logic
2019-08-04 16:56:39 +02:00
Daniel García
c9c3f07171
Updated dependencies and fixed panic getting icons
2019-07-30 19:42:05 +02:00
vpl
df71f57d86
Move send device email to end of password login
...
Send new device email after two factor authentication.
2019-07-25 21:10:27 +02:00
vpl
60e39a9dd1
Move retrieve/new device from connData to separate function
2019-07-22 12:30:26 +02:00
vpl
bc6a53b847
Add new device email when user logs in
2019-07-22 08:26:24 +02:00
Daniel García
05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies
2019-07-09 17:26:34 +02:00
Daniel García
5710703c50
Make sure the backup option only appears when using sqlite
2019-06-02 00:08:52 +02:00
Daniel García
1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support
...
Initial support for mysql
2019-06-01 23:33:06 +02:00
Emil Madsen
e22e290f67
Fix key and type variable names for mysql
2019-05-20 21:24:29 +02:00
TheMardy
ef551f4cc6
Create Backup funcitonality
...
Added create backup functionality to the admin panel
2019-05-03 15:46:29 +02:00
Daniel García
5521a86693
Change path for served images to avoid collision with vault images
2019-05-01 16:19:22 +02:00
Daniel García
3160780549
Merge pull request #401 from TheMardy/master
...
Images in Email Templates
2019-04-30 17:52:10 +02:00
Daniel García
874f5c34bd
Formatting
2019-04-26 22:08:26 +02:00
Daniel García
253faaf023
Use users duo host when required, instead of always using the global one
2019-04-15 13:07:23 +02:00
Daniel García
3d843a6a51
Merge pull request #460 from janost/organization-vault-purge
...
Fixed purging organization vault
2019-04-14 22:30:51 +02:00
janost
03fdf36bf9
Fixed purging organization vault
2019-04-14 22:12:48 +02:00
Daniel García
fdcc32beda
Validate Duo credentials when custom
2019-04-14 22:05:05 +02:00
Daniel García
bf20355c5e
Merge branch 'duo'
2019-04-14 22:02:55 +02:00