vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit 15dd05c78d975acc2815c3ebb34d6bac773c43f2
parent 525e6bb65a6926e0f9de3fc5dafd5c5b63981f9f
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Sun,  2 Apr 2023 15:19:53 +0200

Merge pull request #3390 from BlackDex/fix-abort-pw-reset-on-mail-error

Fix abort on pw reset mail error
Diffstat:

Msrc/api/core/organizations.rs | 10+++++++---


1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
@@ -2694,7 +2694,7 @@ async fn put_reset_password(
         None => err!("User to reset isn't member of required organization"),
     };
 
-    let mut user = match User::find_by_uuid(&org_user.user_uuid, &mut conn).await {
+    let user = match User::find_by_uuid(&org_user.user_uuid, &mut conn).await {
         Some(user) => user,
         None => err!("User not found"),
     };
@@ -2711,11 +2711,12 @@ async fn put_reset_password(
     // Sending email before resetting password to ensure working email configuration and the resulting
     // user notification. Also this might add some protection against security flaws and misuse
     if let Err(e) = mail::send_admin_reset_password(&user.email, &user.name, &org.name).await {
-        error!("Error sending user reset password email: {:#?}", e);
+        err!(format!("Error sending user reset password email: {e:#?}"));
     }
 
     let reset_request = data.into_inner().data;
 
+    let mut user = user;
     user.set_password(reset_request.NewMasterPasswordHash.as_str(), Some(reset_request.Key), true, None);
     user.save(&mut conn).await?;
 
@@ -2759,12 +2760,15 @@ async fn get_reset_password_details(
 
     check_reset_password_applicable_and_permissions(&org_id, &org_user_id, &headers, &mut conn).await?;
 
+    // https://github.com/bitwarden/server/blob/3b50ccb9f804efaacdc46bed5b60e5b28eddefcf/src/Api/Models/Response/Organizations/OrganizationUserResponseModel.cs#L111
     Ok(Json(json!({
         "Object": "organizationUserResetPasswordDetails",
         "Kdf":user.client_kdf_type,
         "KdfIterations":user.client_kdf_iter,
+        "KdfMemory":user.client_kdf_memory,
+        "KdfParallelism":user.client_kdf_parallelism,
         "ResetPasswordKey":org_user.reset_password_key,
-        "EncryptedPrivateKey":org.private_key ,
+        "EncryptedPrivateKey":org.private_key,
 
     })))
 }