vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit e66436625ce81d1a757f11d1bed5c5fcd8b5392f
parent 24a4478b5c1056cce0dee9bc11958abe406a34f9
Author: Stepan Fedorko-Bartos <step7750@gmail.com>
Date:   Thu, 15 Nov 2018 18:40:27 -0700

Adds Yubico Client ID and Secret Key Env Vars

Diffstat:
M.env | 7+++++++
Msrc/main.rs | 12++++++++++++
2 files changed, 19 insertions(+), 0 deletions(-)

diff --git a/.env b/.env @@ -40,6 +40,13 @@ ## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs # DOMAIN=https://bw.domain.tld:8443 +## Yubico (Yubikey) Settings +## Set your Client ID and Secret Key for Yubikey OTP +## You can generate it here: https://upgrade.yubico.com/getapikey/ +## TODO: Allow choosing custom YubiCloud server +# YUBICO_CLIENT_ID=11111 +# YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA + ## Rocket specific settings, check Rocket documentation to learn more # ROCKET_ENV=staging # ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app diff --git a/src/main.rs b/src/main.rs @@ -25,6 +25,7 @@ extern crate oath; extern crate data_encoding; extern crate jsonwebtoken as jwt; extern crate u2f; +extern crate yubico; extern crate dotenv; #[macro_use] extern crate lazy_static; @@ -245,6 +246,10 @@ pub struct Config { domain: String, domain_set: bool, + yubico_cred_set: bool, + yubico_client_id: String, + yubico_secret_key: String, + mail: Option<MailConfig>, } @@ -258,6 +263,9 @@ impl Config { let domain = get_env("DOMAIN"); + let yubico_client_id = get_env("YUBICO_CLIENT_ID"); + let yubico_secret_key = get_env("YUBICO_SECRET_KEY"); + Config { database_url: get_env_or("DATABASE_URL", format!("{}/{}", &df, "db.sqlite3")), icon_cache_folder: get_env_or("ICON_CACHE_FOLDER", format!("{}/{}", &df, "icon_cache")), @@ -283,6 +291,10 @@ impl Config { domain_set: domain.is_some(), domain: domain.unwrap_or("http://localhost".into()), + yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(), + yubico_client_id: yubico_client_id.unwrap_or("00000".into()), + yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()), + mail: MailConfig::load(), } }