Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template

Daniel García
2019-01-19 21:36:34 +01:00
parent 97aa407fe4
commit 834c847746
12 changed files with 366 additions and 319 deletions


@ -4,7 +4,7 @@ use crate::db::models::*;
use crate::db::DbConn;
use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType};
use crate::auth::{decode_invite_jwt, Headers, InviteJWTClaims};
use crate::auth::{decode_invite, Headers};
use crate::mail;
use crate::CONFIG;
@ -66,7 +66,7 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
}
if let Some(token) = data.Token {
let claims: InviteJWTClaims = decode_invite_jwt(&token)?;
let claims = decode_invite(&token)?;
if claims.email == data.Email {
user
} else {
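Review bot: In `register`, `let claims = decode_invite(&token)?;` no longer names the claim type, so nothing at the call site records that only an invite token may reach the `claims.email == data.Email` check. That guarantee now rests entirely on `decode_invite` in `crate::auth`, whose body is not part of this section; assuming it rejects tokens minted for other purposes (for example the admin cookie JWT this commit adds), state it here with a comment such as `// decode_invite accepts only tokens from the invite issuer; other JWT types are rejected`. The same applies to the `decode_invite(&token)?` call in `accept_invite` in the next file section. A test that passes a non-invite token to both endpoints and expects an error would pin the issuer separation this commit introduces. `register` begins and ends outside the hunk.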


@ -7,7 +7,7 @@ use crate::db::DbConn;
use crate::CONFIG;
use crate::api::{EmptyResult, JsonResult, JsonUpcase, Notify, NumberOrString, PasswordData, UpdateType};
use crate::auth::{decode_invite_jwt, AdminHeaders, Headers, InviteJWTClaims, OwnerHeaders};
use crate::auth::{decode_invite, AdminHeaders, Headers, OwnerHeaders};
use crate::mail;
@ -582,7 +582,7 @@ fn accept_invite(_org_id: String, _org_user_id: String, data: JsonUpcase<AcceptD
// The web-vault passes org_id and org_user_id in the URL, but we are just reading them from the JWT instead
let data: AcceptData = data.into_inner().data;
let token = &data.Token;
let claims: InviteJWTClaims = decode_invite_jwt(&token)?;
let claims = decode_invite(&token)?;
match User::find_by_mail(&claims.email, &conn) {
Some(_) => {