Commit Graph

14 Commits

Author SHA1 Message Date
Jeremy Lin
a9a5706764 Add support for password reprompt
Upstream PR: https://github.com/bitwarden/server/pull/1269
2021-05-11 20:09:57 -07:00
Daniel García
95e24ffc51
rename send key -> akey 2021-03-15 16:42:20 +01:00
Daniel García
8da5b99482
Send API 2021-03-14 23:35:55 +01:00
BlackDex
de86aa671e Fix Key Rotation during password change
When ticking the 'Also rotate my account's encryption key' box, the key
rotated ciphers are posted after the change of password.

During the password change the security stamp was reseted which made
the posted key's return an invalid auth. This reset is needed to prevent other clients from still being able to read/write.

This fixes this by adding a new database column which stores a stamp exception which includes the allowed route and the current security stamp before it gets reseted.
When the security stamp check fails it will check if there is a stamp exception and tries to match the route and security stamp.

Currently it only allows for one exception. But if needed we could expand it by using a Vec<UserStampException> and change the functions accordingly.

fixes #1240
2020-12-14 19:58:23 +01:00
janost
043aa27aa3 Implement admin ability to enable/disable users 2020-11-30 23:12:56 +01:00
Jeremy Lin
3bbdbb832c Transfer favorite status for user-owned ciphers 2020-08-22 17:14:05 -07:00
Jeremy Lin
f83a8a36d1 Track favorites on a per-user basis
Currently, favorites are tracked at the cipher level. For org-owned ciphers,
this means that if one user sets it as a favorite, it automatically becomes a
favorite for all other users that the cipher has been shared with.
2020-08-19 02:32:58 -07:00
Jeremy Lin
979d010dc2 Add support for hiding passwords in a collection
Ref: https://github.com/bitwarden/server/pull/743
2020-07-02 21:51:20 -07:00
Daniel García
e3b00b59a7
Initial support for soft deletes 2020-04-17 22:35:27 +02:00
Daniel García
3fa78e7bb1
Initial version of policies 2020-03-14 13:32:28 +01:00
tomuta
bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
BlackDex
ebf40099f2 Updated authenticator TOTP
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
2019-10-10 17:32:20 +02:00
Michael Powers
1264eb640a
Added a migration that fixes #1 which caused attachments to be broken
for the PostgreSQL backend. Also converts any CHAR types to VARCHAR to prevent the same issue from causing problems down the line.
2019-09-16 19:52:00 -04:00
Michael Powers
f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246.
This includes migrations as well as Dockerfile's for amd64.

The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
2019-09-12 16:12:22 -04:00