vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 8d1ee859f28563b72fd57011eef230de5834d314
parent c91f80c456b9f7f55cc75a61cf835ab56d9f0a59
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Fri, 24 Aug 2018 19:02:34 +0200

Implemented basic support for prelogin and notification negotiation

Diffstat:
Msrc/api/core/accounts.rs | 28++++++++++++++++++++++++++++
Msrc/api/core/mod.rs | 1+
Msrc/api/mod.rs | 2++
Asrc/api/notifications.rs | 32++++++++++++++++++++++++++++++++
Msrc/main.rs | 1+
5 files changed, 64 insertions(+), 0 deletions(-)

diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs @@ -275,3 +275,31 @@ fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResul None => Ok(()), } } + +#[derive(Deserialize)] +#[allow(non_snake_case)] +struct PreloginData { + Email: String, +} + +#[post("/accounts/prelogin", data = "<data>")] +fn prelogin(data: JsonUpcase<PreloginData>, conn: DbConn) -> JsonResult { + let data: PreloginData = data.into_inner().data; + + match User::find_by_mail(&data.Email, &conn) { + Some(user) => { + let kdf_type = 0; // PBKDF2: 0 + + let _server_iter = user.password_iterations; + let client_iter = 5000; // TODO: Make iterations user configurable + + + Ok(Json(json!({ + "Kdf": kdf_type, + "KdfIterations": client_iter + }))) + }, + None => err!("Invalid user"), + } +} + diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs @@ -25,6 +25,7 @@ pub fn routes() -> Vec<Route> { delete_account, revision_date, password_hint, + prelogin, sync, diff --git a/src/api/mod.rs b/src/api/mod.rs @@ -2,11 +2,13 @@ pub(crate) mod core; mod icons; mod identity; mod web; +mod notifications; pub use self::core::routes as core_routes; pub use self::icons::routes as icons_routes; pub use self::identity::routes as identity_routes; pub use self::web::routes as web_routes; +pub use self::notifications::routes as notifications_routes; use rocket::response::status::BadRequest; use rocket_contrib::Json; diff --git a/src/api/notifications.rs b/src/api/notifications.rs @@ -0,0 +1,31 @@ +use rocket::Route; +use rocket_contrib::Json; + +use db::DbConn; +use api::JsonResult; +use auth::Headers; + +pub fn routes() -> Vec<Route> { + routes![negotiate] +} + +#[post("/hub/negotiate")] +fn negotiate(_headers: Headers, _conn: DbConn) -> JsonResult { + use data_encoding::BASE64URL; + use crypto; + + // Store this in db? + let conn_id = BASE64URL.encode(&crypto::get_random(vec![0u8; 16])); + + // TODO: Implement transports + // Rocket WS support: https://github.com/SergioBenitez/Rocket/issues/90 + // Rocket SSE support: https://github.com/SergioBenitez/Rocket/issues/33 + Ok(Json(json!({ + "connectionId": conn_id, + "availableTransports":[ + // {"transport":"WebSockets", "transferFormats":["Text","Binary"]}, + // {"transport":"ServerSentEvents", "transferFormats":["Text"]}, + // {"transport":"LongPolling", "transferFormats":["Text","Binary"]} + ] + }))) +} +\ No newline at end of file diff --git a/src/main.rs b/src/main.rs @@ -45,6 +45,7 @@ fn init_rocket() -> Rocket { .mount("/api", api::core_routes()) .mount("/identity", api::identity_routes()) .mount("/icons", api::icons_routes()) + .mount("/notifications", api::notifications_routes()) .manage(db::init_pool()) }