mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-01-13 07:53:24 -05:00
Get host from client and put it in the attachments URL (only the web vault works without indicating the host in the URL)
This commit is contained in:
parent
912901780e
commit
47a116bbee
@ -47,11 +47,8 @@ RUN mkdir /data
|
|||||||
VOLUME /data
|
VOLUME /data
|
||||||
EXPOSE 80
|
EXPOSE 80
|
||||||
|
|
||||||
# Copies the files from the context (migrations, web-vault, ...)
|
# Copies the files from the context (env file and web-vault)
|
||||||
# and the binary from the "build" stage to the current stage
|
# and the binary from the "build" stage to the current stage
|
||||||
|
|
||||||
# TODO Only needs web-vault and .env
|
|
||||||
# COPY . .
|
|
||||||
COPY .env .
|
COPY .env .
|
||||||
COPY web-vault ./web-vault
|
COPY web-vault ./web-vault
|
||||||
COPY --from=build app/target/release/bitwarden_rs .
|
COPY --from=build app/target/release/bitwarden_rs .
|
||||||
|
@ -23,13 +23,13 @@ use CONFIG;
|
|||||||
|
|
||||||
#[get("/sync")]
|
#[get("/sync")]
|
||||||
fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
|
fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
|
||||||
let user = headers.user;
|
let user = &headers.user;
|
||||||
|
|
||||||
let folders = Folder::find_by_user(&user.uuid, &conn);
|
let folders = Folder::find_by_user(&user.uuid, &conn);
|
||||||
let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect();
|
let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect();
|
||||||
|
|
||||||
let ciphers = Cipher::find_by_user(&user.uuid, &conn);
|
let ciphers = Cipher::find_by_user(&user.uuid, &conn);
|
||||||
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&conn)).collect();
|
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&headers.host, &conn)).collect();
|
||||||
|
|
||||||
Ok(Json(json!({
|
Ok(Json(json!({
|
||||||
"Profile": user.to_json(),
|
"Profile": user.to_json(),
|
||||||
@ -49,7 +49,7 @@ fn sync(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
|
|||||||
fn get_ciphers(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
|
fn get_ciphers(headers: Headers, conn: DbConn) -> Result<Json, BadRequest<Json>> {
|
||||||
let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn);
|
let ciphers = Cipher::find_by_user(&headers.user.uuid, &conn);
|
||||||
|
|
||||||
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&conn)).collect();
|
let ciphers_json: Vec<Value> = ciphers.iter().map(|c| c.to_json(&headers.host, &conn)).collect();
|
||||||
|
|
||||||
Ok(Json(json!({
|
Ok(Json(json!({
|
||||||
"Data": ciphers_json,
|
"Data": ciphers_json,
|
||||||
@ -68,7 +68,7 @@ fn get_cipher(uuid: String, headers: Headers, conn: DbConn) -> Result<Json, BadR
|
|||||||
err!("Cipher is not owned by user")
|
err!("Cipher is not owned by user")
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(Json(cipher.to_json(&conn)))
|
Ok(Json(cipher.to_json(&headers.host, &conn)))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize, Debug)]
|
#[derive(Deserialize, Debug)]
|
||||||
@ -122,7 +122,7 @@ fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> Resul
|
|||||||
|
|
||||||
cipher.save(&conn);
|
cipher.save(&conn);
|
||||||
|
|
||||||
Ok(Json(cipher.to_json(&conn)))
|
Ok(Json(cipher.to_json(&headers.host, &conn)))
|
||||||
}
|
}
|
||||||
|
|
||||||
fn value_from_data(data: &CipherData) -> Result<Value, &'static str> {
|
fn value_from_data(data: &CipherData) -> Result<Value, &'static str> {
|
||||||
@ -229,7 +229,7 @@ fn post_attachment(uuid: String, data: Data, content_type: &ContentType, headers
|
|||||||
attachment.save(&conn);
|
attachment.save(&conn);
|
||||||
});
|
});
|
||||||
|
|
||||||
Ok(Json(cipher.to_json(&conn)))
|
Ok(Json(cipher.to_json(&headers.host, &conn)))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete", data = "<_data>")]
|
#[post("/ciphers/<uuid>/attachment/<attachment_id>/delete", data = "<_data>")]
|
||||||
|
@ -94,6 +94,7 @@ use db::models::{User, Device};
|
|||||||
|
|
||||||
pub struct Headers {
|
pub struct Headers {
|
||||||
pub device_type: Option<i32>,
|
pub device_type: Option<i32>,
|
||||||
|
pub host: String,
|
||||||
pub device: Device,
|
pub device: Device,
|
||||||
pub user: User,
|
pub user: User,
|
||||||
}
|
}
|
||||||
@ -111,6 +112,12 @@ impl<'a, 'r> FromRequest<'a, 'r> for Headers {
|
|||||||
_ => None // return err_handler!("Device-Type is invalid or missing")
|
_ => None // return err_handler!("Device-Type is invalid or missing")
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Get host
|
||||||
|
let host = match headers.get_one("Host") {
|
||||||
|
Some(host) => format!("http://{}", host), // TODO: Check if HTTPS
|
||||||
|
_ => String::new() // return err_handler!("Host is invalid or missing")
|
||||||
|
};
|
||||||
|
|
||||||
// Get access_token
|
// Get access_token
|
||||||
let access_token: &str = match request.headers().get_one("Authorization") {
|
let access_token: &str = match request.headers().get_one("Authorization") {
|
||||||
Some(a) => {
|
Some(a) => {
|
||||||
@ -156,6 +163,6 @@ impl<'a, 'r> FromRequest<'a, 'r> for Headers {
|
|||||||
err_handler!("Invalid security stamp")
|
err_handler!("Invalid security stamp")
|
||||||
}
|
}
|
||||||
|
|
||||||
Outcome::Success(Headers { device_type, device, user })
|
Outcome::Success(Headers { device_type, host, device, user })
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -29,10 +29,10 @@ impl Attachment {
|
|||||||
format!("{}/{}/{}", CONFIG.attachments_folder, self.cipher_uuid, self.id)
|
format!("{}/{}/{}", CONFIG.attachments_folder, self.cipher_uuid, self.id)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn to_json(&self) -> JsonValue {
|
pub fn to_json(&self, host: &str) -> JsonValue {
|
||||||
use util::get_display_size;
|
use util::get_display_size;
|
||||||
|
|
||||||
let web_path = format!("/attachments/{}/{}", self.cipher_uuid, self.id);
|
let web_path = format!("{}/attachments/{}/{}", host, self.cipher_uuid, self.id);
|
||||||
let display_size = get_display_size(self.file_size);
|
let display_size = get_display_size(self.file_size);
|
||||||
|
|
||||||
json!({
|
json!({
|
||||||
|
@ -57,7 +57,7 @@ use db::schema::ciphers;
|
|||||||
|
|
||||||
/// Database methods
|
/// Database methods
|
||||||
impl Cipher {
|
impl Cipher {
|
||||||
pub fn to_json(&self, conn: &DbConn) -> JsonValue {
|
pub fn to_json(&self, host: &str, conn: &DbConn) -> JsonValue {
|
||||||
use serde_json;
|
use serde_json;
|
||||||
use util::format_date;
|
use util::format_date;
|
||||||
use super::Attachment;
|
use super::Attachment;
|
||||||
@ -65,7 +65,7 @@ impl Cipher {
|
|||||||
let data_json: JsonValue = serde_json::from_str(&self.data).unwrap();
|
let data_json: JsonValue = serde_json::from_str(&self.data).unwrap();
|
||||||
|
|
||||||
let attachments = Attachment::find_by_cipher(&self.uuid, conn);
|
let attachments = Attachment::find_by_cipher(&self.uuid, conn);
|
||||||
let attachments_json: Vec<JsonValue> = attachments.iter().map(|c| c.to_json()).collect();
|
let attachments_json: Vec<JsonValue> = attachments.iter().map(|c| c.to_json(host)).collect();
|
||||||
|
|
||||||
json!({
|
json!({
|
||||||
"Id": self.uuid,
|
"Id": self.uuid,
|
||||||
|
Loading…
Reference in New Issue
Block a user