vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small

commit 19754c967fec78d1e303359c634b41bcf6dce076
parent 738ad2127bcd71f07c075a6df6424fb11fcd5837
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Fri,  7 Dec 2018 18:25:18 +0100

More changes to the push token, and filtered multipart logs

Diffstat:
Msrc/api/core/mod.rs | 50+++++++++++++++++---------------------------------
Msrc/main.rs | 4++++
2 files changed, 21 insertions(+), 33 deletions(-)

diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs
@@ -28,28 +28,22 @@ pub fn routes() -> Vec<Route> {
 ///
 /// Move this somewhere else
 ///
-
 use rocket::Route;
 use rocket_contrib::json::Json;
 use serde_json::Value;
 use crate::db::DbConn;
-use crate::db::models::*;
-use crate::api::{JsonResult, EmptyResult, JsonUpcase};
+use crate::api::{EmptyResult, JsonResult, JsonUpcase};
 use crate::auth::Headers;
 #[put("/devices/identifier/<uuid>/clear-token")]
-fn clear_device_token(uuid: String, headers: Headers, conn: DbConn) -> EmptyResult {
- let device = match Device::find_by_uuid(&uuid, &conn) {
- Some(device) => device,
- None => err!("Device not found")
- };
-
- if device.user_uuid != headers.user.uuid {
- err!("Device not owned by user")
- }
+fn clear_device_token(uuid: String) -> EmptyResult {
+ // This endpoint doesn't have auth header
+
+ let _ = uuid;
+ // uuid is not related to deviceId
 // This only clears push token
 // https://github.com/bitwarden/core/blob/master/src/Api/Controllers/DevicesController.cs#L109
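Review bot: `clear_device_token` drops the `Headers` guard, so this route now answers unauthenticated requests, and the only trace of that decision is `// This endpoint doesn't have auth header`. Only the start of the body is inside the hunk; as far as it shows, `uuid` is discarded and nothing is looked up, which keeps the route harmless for now. The comment should carry the constraint for whoever implements push later, for example `// Unauthenticated on purpose: must not read or modify stored device state based on the caller-supplied uuid`.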
@@ -58,28 +52,20 @@ fn clear_device_token(uuid: String, headers: Headers, conn: DbConn) -> EmptyResu
 }
 #[put("/devices/identifier/<uuid>/token", data = "<data>")]
-fn put_device_token(uuid: String, data: JsonUpcase<Value>, headers: Headers, conn: DbConn) -> JsonResult {
+fn put_device_token(uuid: String, data: JsonUpcase<Value>, headers: Headers) -> JsonResult {
 let _data: Value = data.into_inner().data;
+ // Data has a single string value "PushToken"
+ let _ = uuid;
+ // uuid is not related to deviceId
- let device = match Device::find_by_uuid(&uuid, &conn) {
- Some(device) => device,
- None => err!("Device not found")
- };
-
- if device.user_uuid != headers.user.uuid {
- err!("Device not owned by user")
- }
-
- // This should save the push token, but we don't have push functionality
-
- use crate::util::format_date;
+ // TODO: This should save the push token, but we don't have push functionality
 Ok(Json(json!({
- "Id": device.uuid,
- "Name": device.name,
- "Type": device.type_,
- "Identifier": device.uuid,
- "CreationDate": format_date(&device.created_at),
+ "Id": headers.device.uuid,
+ "Name": headers.device.name,
+ "Type": headers.device.type_,
+ "Identifier": headers.device.uuid,
+ "CreationDate": crate::util::format_date(&headers.device.created_at),
 })))
 }
@@ -114,7 +100,6 @@ fn get_eq_domains(headers: Headers) -> JsonResult {
 })))
 }
-
 #[derive(Deserialize, Debug)]
 #[allow(non_snake_case)]
 struct EquivDomainData {
@@ -137,9 +122,8 @@ fn post_eq_domains(data: JsonUpcase<EquivDomainData>, headers: Headers, conn: Db
 match user.save(&conn) {
 Ok(()) => Ok(Json(json!({}))),
- Err(_) => err!("Failed to save user")
+ Err(_) => err!("Failed to save user"),
 }
-
 }
 #[put("/settings/domains", data = "<data>")]
diff --git a/src/main.rs b/src/main.rs
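Review bot: In `put_device_token` the ownership check on the path `uuid` is removed and the response is built from `headers.device`, which is safe only because nothing is stored yet; the new `// TODO: This should save the push token, ...` comment does not say which device the token must be bound to. I would extend it to `// TODO: save the push token on headers.device; never on a device looked up from <uuid> without checking it belongs to headers.user`. Separately, `_data` is still deserialized as an untyped `Value`; since the added comment says the body holds a single string `PushToken`, a small `#[derive(Deserialize)]` struct with that one field would reject malformed bodies at the route boundary.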
@@ -24,6 +24,9 @@ mod auth;
 mod mail;
 fn init_rocket() -> Rocket {
+
+ // TODO: TO HIDE MOUNTING LOG, call ignite, set logging to disabled, call all the mounts, and then enable it again
+
 rocket::ignite()
 .mount("/", api::web_routes())
 .mount("/api", api::core_routes())
@@ -77,6 +80,7 @@ fn init_logging() -> Result<(), fern::InitError> {
 .level(log::LevelFilter::Debug)
 .level_for("hyper", log::LevelFilter::Warn)
 .level_for("ws", log::LevelFilter::Info)
+ .level_for("multipart", log::LevelFilter::Info)
 .chain(std::io::stdout());
 if let Some(log_file) = CONFIG.log_file.as_ref() {
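Review bot: The added `.level_for("multipart", log::LevelFilter::Info)` in `init_logging` quiets one more crate, but the base level at the top of the same hunk is still `.level(log::LevelFilter::Debug)`, so every other dependency keeps logging at debug until someone adds it to this list. For a password-manager backend, debug output from request-handling crates may include request details that should not reach stdout or the log file. Consider inverting the policy: `.level(log::LevelFilter::Info)` as the default and `.level_for("<this crate's module path>", log::LevelFilter::Debug)` for the project's own code. The function starts and ends outside the hunk, so other filters may exist that are not visible here.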