vaultwarden
/
vaultwarden-alternativa-bitwarden
mirror of https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Get host from client and put it in the attachments URL (only the web vault works without indicating the host in the URL)

This commit is contained in:
Daniel García 2018-02-15 01:49:36 +01:00
parent 912901780e
commit 47a116bbee
5 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile
View File

@ -47,11 +47,8 @@ RUN mkdir /data
VOLUME /data VOLUME /data
EXPOSE 80 EXPOSE 80
# Copies the files from the context (migrations, web-vault, ...) # Copies the files from the context (env file and web-vault)
# and the binary from the "build" stage to the current stage # and the binary from the "build" stage to the current stage
# TODO Only needs web-vault and .env
# COPY . .
COPY .env . COPY .env .
COPY web-vault ./web-vault COPY web-vault ./web-vault
COPY --from=build app/target/release/bitwarden_rs . COPY --from=build app/target/release/bitwarden_rs .

12
src/api/core/ciphers.rs
View File

@ -23,13 +23,13 @@ use CONFIG;
#[get("/sync")] #[get("/sync")]
fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> { fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
let user = headers.user; let user = &headers.user;
let folders = Folder::find_by_user(&user.uuid, &conn); let folders = Folder::find_by_user(&user.uuid, &conn);
let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect(); let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect();
let ciphers = Cipher::find_by_user(&user.uuid, &conn); let ciphers = Cipher::find_by_user(&user.uuid, &conn);
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&conn)).collect(); let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&headers.host, &conn)).collect();
Ok(Json(json!({ Ok(Json(json!({
"Profile": user.to_json(), "Profile": user.to_json(),
@ -49,7 +49,7 @@ fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
fn get_ciphers(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> { fn get_ciphers(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn); let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn);
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&conn)).collect(); let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&headers.host, &conn)).collect();
Ok(Json(json!({ Ok(Json(json!({
"Data": ciphers_json, "Data": ciphers_json,
@ -68,7 +68,7 @@ fn get_cipher(uuid: String, headers: Headers, conn: DbConn) -> Result<Json, BadR
err!("Cipher is not owned by user") err!("Cipher is not owned by user")
} }
Ok(Json(cipher.to_json(&conn))) Ok(Json(cipher.to_json(&headers.host, &conn)))
} }
#[derive(Deserialize, Debug)] #[derive(Deserialize, Debug)]
@ -122,7 +122,7 @@ fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> Resul
cipher.save(&conn); cipher.save(&conn);
Ok(Json(cipher.to_json(&conn))) Ok(Json(cipher.to_json(&headers.host, &conn)))
} }
fn value_from_data(data: &CipherData) -> Result<Value, &'static str> { fn value_from_data(data: &CipherData) -> Result<Value, &'static str> {
@ -229,7 +229,7 @@ fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers
attachment.save(&conn); attachment.save(&conn);
}); });
Ok(Json(cipher.to_json(&conn))) Ok(Json(cipher.to_json(&headers.host, &conn)))
} }
#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete", data = "<_data>")] #[post("/ciphers/<uuid>/attachment/<attachment_id>/delete", data = "<_data>")]

9
src/auth.rs
View File

@ -94,6 +94,7 @@ use db::models::{User, Device};
pub struct Headers { pub struct Headers {
pub device_type: Option<i32>, pub device_type: Option<i32>,
pub host: String,
pub device: Device, pub device: Device,
pub user: User, pub user: User,
} }
@ -111,6 +112,12 @@ impl<'a, 'r> FromRequest<'a, 'r> for Headers {
_ => None // return err_handler!("Device-Type is invalid or missing") _ => None // return err_handler!("Device-Type is invalid or missing")
}; };
// Get host
let host = match headers.get_one("Host") {
Some(host) => format!("http://{}", host), // TODO: Check if HTTPS
_ => String::new() // return err_handler!("Host is invalid or missing")
};
// Get access_token // Get access_token
let access_token: &str = match request.headers().get_one("Authorization") { let access_token: &str = match request.headers().get_one("Authorization") {
Some(a) => { Some(a) => {
@ -156,6 +163,6 @@ impl<'a, 'r> FromRequest<'a, 'r> for Headers {
err_handler!("Invalid security stamp") err_handler!("Invalid security stamp")
} }
Outcome::Success(Headers { device_type, device, user }) Outcome::Success(Headers { device_type, host, device, user })
} }
} }

4
src/db/models/attachment.rs
View File

@ -29,10 +29,10 @@ impl Attachment {
format!("{}/{}/{}", CONFIG.attachments_folder, self.cipher_uuid, self.id) format!("{}/{}/{}", CONFIG.attachments_folder, self.cipher_uuid, self.id)
} }
pub fn to_json(&self) -> JsonValue { pub fn to_json(&self, host: &str) -> JsonValue {
use util::get_display_size; use util::get_display_size;
let web_path = format!("/attachments/{}/{}", self.cipher_uuid, self.id); let web_path = format!("{}/attachments/{}/{}", host, self.cipher_uuid, self.id);
let display_size = get_display_size(self.file_size); let display_size = get_display_size(self.file_size);
json!({ json!({

4
src/db/models/cipher.rs
View File

@ -57,7 +57,7 @@ use db::schema::ciphers;
/// Database methods /// Database methods
impl Cipher { impl Cipher {
pub fn to_json(&self, conn: &DbConn) -> JsonValue { pub fn to_json(&self, host: &str, conn: &DbConn) -> JsonValue {
use serde_json; use serde_json;
use util::format_date; use util::format_date;
use super::Attachment; use super::Attachment;
@ -65,7 +65,7 @@ impl Cipher {
let data_json: JsonValue = serde_json::from_str(&self.data).unwrap(); let data_json: JsonValue = serde_json::from_str(&self.data).unwrap();
let attachments = Attachment::find_by_cipher(&self.uuid, conn); let attachments = Attachment::find_by_cipher(&self.uuid, conn);
let attachments_json: Vec<JsonValue> = attachments.iter().map(|c| c.to_json()).collect(); let attachments_json: Vec<JsonValue> = attachments.iter().map(|c| c.to_json(host)).collect();
json!({ json!({
"Id": self.uuid, "Id": self.uuid,