1
0
Fork 0
Test fork
Datei suchen
Stefan Melmuk fa7dbedd5d
redirect to admin login page when forward fails
currently, if the admin guard fails the user will get a 404 page.
and when the session times out after 20 minutes post methods will
give the reason "undefined" as a response while generating the support
string will fail without any user feedback.

this commit changes the error handling on admin pages

* by removing the reliance on Rockets forwarding and making the login
  page an explicit route that can be redirected to from all admin pages

* by removing the obsolete and mostly unused Referer struct we can
  redirect the user back to the requested admin page directley

* by providing an error message for json requests the
  `get_diagnostics_config` and all post methods can return a more
  comprehensible message and the user can be alerted

* the `admin_url()` function can be simplified because rfc2616 has been
  obsoleted by rfc7231 in 2014 (and also by the recently released
  rfc9110) which allows relative urls in the Location header.

  c.f. https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2 and
  https://www.rfc-editor.org/rfc/rfc9110#section-10.2.2
2022-11-28 16:46:06 +01:00
.github Update Rust version, deps and workflow 2022-11-08 14:03:31 +01:00
docker Update Rust version, deps and workflow 2022-11-08 14:03:31 +01:00
hooks Support all DB's for Alpine and Debian 2021-12-26 21:59:28 +01:00
migrations group support 2022-10-20 15:31:53 +02:00
resources Storing the original Vaultwarden svg images 2021-07-04 18:37:01 +02:00
src redirect to admin login page when forward fails 2022-11-28 16:46:06 +01:00
tools global_domains.py: allow syncing to a specific Git ref 2021-02-03 12:20:44 -08:00
.dockerignore Update async to prepare for main merge 2022-02-22 20:00:33 +01:00
.editorconfig Misc changes. 2021-03-30 21:45:10 +02:00
.env.template Merge pull request #2928 from karbobc/settings-description 2022-11-27 22:01:54 +01:00
.gitattributes Just ignore scripts 2021-04-01 20:44:58 +01:00
.gitignore Rename included .env file to .env.template and ignored .env 2019-01-06 22:50:30 +01:00
.hadolint.yaml add hadolint config file 2019-07-05 11:06:44 +02:00
.pre-commit-config.yaml Allow FireFox relay in CSP. 2022-06-22 16:30:31 +02:00
build.rs Remove references to "bwrs" #2195 2022-01-23 23:40:59 +01:00
Cargo.lock Update Rust version, deps and workflow 2022-11-09 22:40:00 +01:00
Cargo.toml Update Rust version, deps and workflow 2022-11-09 22:40:00 +01:00
diesel.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 2018-06-12 17:30:36 +02:00
Dockerfile Change Dockerfiles to make the AMD image multidb 2020-08-24 20:58:00 +02:00
LICENSE.txt Upload and download attachments, and added License file 2018-02-15 00:40:34 +01:00
README.md Update sponsors 2022-10-23 00:49:06 +02:00
rust-toolchain Update Rust version, deps and workflow 2022-11-09 22:40:00 +01:00
rustfmt.toml Improve sync speed and updated dep. versions 2022-05-06 17:01:02 +02:00
SECURITY.md Adding a SECURITY.md 2021-06-26 11:49:00 +02:00

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.


Docker Pulls Dependency Status GitHub Release GPL-3.0 Licensed Matrix Chat

Image is based on Rust implementation of Bitwarden API.

This project is not associated with the Bitwarden project nor Bitwarden, Inc.

⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.


Features

Basically full implementation of Bitwarden API is provided including:

  • Organizations support
  • Attachments
  • Vault API support
  • Serving the static files for Vault interface
  • Website icons API
  • Authenticator and U2F support
  • YubiKey and Duo support

Installation

Pull the docker image and mount a volume from the host for persistent storage:

docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ -p 80:80 vaultwarden/server:latest

This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.

IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault from HTTPS.

This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).

Usage

See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.

Get in touch

To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use the forum.

If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!

Sponsors

Thanks for your contribution to the project!

Chris Alfano
Numberly