Commit Graph

51 Commits

Author SHA1 Message Date
BlackDex baac8d9627 Fixed issue #908
The organization uuid is most of the time within the uri path as a
parameter. But sometimes it only is there as a query value.

This fix checks both, and returns the uuid when possible.
2020-03-19 17:37:10 +01:00
BlackDex 669b101e6a Fixing issue #908
Sometimes an org-uuid is not within the path but in a query value,
This fixes the check for that.
2020-03-19 16:50:47 +01:00
BlackDex 37b212427c Updated jsonwebtoken
Updated to the latest version of jsonwebtoken.
Some small code changes to match the new versions.
2020-03-16 16:38:00 +01:00
Daniel García 3fa78e7bb1
Initial version of policies 2020-03-14 13:32:28 +01:00
Daniel García 70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster 2020-03-09 22:04:03 +01:00
Jeremy Lin 29a0795219 Add backend support for alternate base dir (subdir/subpath) hosting
To use this, include a path in the `DOMAIN` URL, e.g.:

* `DOMAIN=https://example.com/custom-path`
* `DOMAIN=https://example.com/multiple/levels/are/ok`
2020-02-18 21:27:00 -08:00
Daniel García cb6f392774
When receiving a comma separated list as IP, pick the first 2019-12-28 15:09:07 +01:00
Daniel García 88c56de97b
Config option for client IP header 2019-12-27 18:42:39 +01:00
Daniel García a0ece3754b
Formatting 2019-12-27 18:37:14 +01:00
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
Daniel García d29b6bee28
Remove unnecessary clones and other clippy fixes 2019-11-02 17:39:01 +01:00
Emil Madsen e22e290f67 Fix key and type variable names for mysql 2019-05-20 21:24:29 +02:00
Daniel García 4f45cc081f
Update ring to 0.14, jwt to 6.0, and u2f 2019-05-11 23:18:18 +02:00
Daniel García 04922f6aa0
Some formatting and dependency updates 2019-03-03 16:11:55 +01:00
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
2019-01-25 18:24:57 +01:00
Daniel García 834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:41:49 +01:00
Daniel García 50eeb4f651
Remove whitespace before processing tokens 2019-01-07 20:37:14 +01:00
Nick Fox 0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-05 23:03:49 -05:00
Nick Fox cec28a85ac
Update admin page to work with new invitation flow 2019-01-04 10:32:51 -05:00
Nick Fox 736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed 2019-01-02 22:20:39 -05:00
Daniel García 30e768613b
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Daniel García 2bb0b15e04
Implemented better errors for JWT 2018-12-30 21:43:55 +01:00
Daniel García b2fc0499f6
Finish invite functionality, and remove virtual organization 2018-12-30 21:40:26 +01:00
Daniel García 5fecf09631
Initial version of admin panel, list users and reload user list works. No serious auth method yet, password is 'token123' 2018-12-30 21:31:11 +01:00
Nick Fox 26bf7bc12f
Use upstream jslib invite/registration workflow 2018-12-18 23:16:03 -05:00
Nick Fox 680f5e83d8
Add Invite JWT struct and supporting functions 2018-12-14 21:52:16 -05:00
Daniel García 7adc045b80
Updated IP logging to use client_ip, to match old remote behavior.
Improved error logging, now it won't show a generic error message in some situations.
Removed delete device, which is not needed as it will be overwritten later.
Logged more info when an error occurs saving a device.
Added orgmanager to JWT claims.
2018-12-09 17:58:38 +01:00
Daniel García 738ad2127b
Fixed some clippy linting issues 2018-12-07 15:01:29 +01:00
Daniel García 94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García 2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested) 2018-12-06 20:35:25 +01:00
Daniel García f84cbeaaf8
Merge branch 'master' into rocket-0.4
# Conflicts:
#	src/db/models/organization.rs
2018-11-14 16:14:49 +01:00
Miroslav Prasil 66a4c5d48b Implement comparison between i32 and UserOrgType 2018-11-12 17:13:25 +00:00
Daniel García 6eb1c3d638
Fixed change in organizations header, now Request::get_param() are indexed by segment, not dynamic parameter. 2018-11-06 16:53:34 +01:00
Daniel García c673370103
Updated bw_rs to Rocket version 0.4-rc1 2018-11-01 19:25:09 +01:00
Miroslav Prasil a28caa33ef Implement poor man's admin panel 2018-10-12 15:20:10 +01:00
Miroslav Prasil de72655bb1 Add confirmed check to the OrgHeaders request guard 2018-07-16 10:23:45 +01:00
Daniel García c722256cbd Remove debug print 2018-07-13 00:40:59 +02:00
Daniel García 8ff50481e5 Use X-Forwarded-Host if available 2018-07-13 00:33:28 +02:00
Daniel García 4f6f510bd4 Improve domain detection, should fix attachment problems. Otherwise, set the `DOMAIN` env variable to the correct domain 2018-07-12 23:28:16 +02:00
Daniel García dae92b9018 Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 22:22:10 +02:00
Daniel García e88d8c856d Change host url to https when it's enabled, should fix some problems downloading attachments 2018-07-11 16:23:39 +02:00
Daniel García 483066b9a0 Some style changes, removed useless matches and formats 2018-06-11 15:44:37 +02:00
Miroslav Prasil 4d50014e35 Implement request guards for organization 2018-05-30 13:35:10 +01:00
Daniel García 4093bf92fe Initial organizations functionality: Creating orgs and inviting users 2018-04-24 22:01:55 +02:00
Daniel García 66097e5f12 r2d2_diesel is included in diesel since 1.1, so we don't need the dependencies directly.
Same thing with time, included in chrono
2018-03-07 18:41:34 +01:00
Daniel García dfefbf1f31 Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00
Daniel García 84a75c871b Improved error messagees, implemented delete ciphers, attachments and account, implemented two factor recovery.
Known missing:
 - import ciphers, create ciphers types other than login and card, update ciphers
 - clear and put device_tokens
 - Equivalent domains
 - Organizations
2018-02-15 19:05:57 +01:00
Daniel García 47a116bbee Get host from client and put it in the attachments URL (only the web vault works without indicating the host in the URL) 2018-02-15 01:49:36 +01:00
Daniel García 31bf2bc2b1 Solved some warnings 2018-02-15 00:53:11 +01:00
Daniel García b54684b677 Upload and download attachments, and added License file 2018-02-15 00:40:34 +01:00