vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit f41ba2a60f161dde69f0a42ad9cf5d896a64e874
parent 638766b346dc0e00c5db7935d21e48354d632335
Author: BlackDex <black.dex@gmail.com>
Date:   Mon, 17 Oct 2022 17:23:21 +0200

Fix master password hint update not working.

- The Master Password Hint input has changed it's location to the
password update form. This PR updates the the code to process this.

- Also changed the `ProfileData` struct to exclude `Culture` and
`MasterPasswordHint`, since both are not used at all, and when not
defined they will also not be allocated.

Fixes #2833

Diffstat:

Msrc/api/core/accounts.rs | 11++++++-----


1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
@@ -193,9 +193,8 @@ async fn profile(headers: Headers, conn: DbConn) -> Json<Value> {
 #[derive(Deserialize, Debug)]
 #[allow(non_snake_case)]
 struct ProfileData {
-    #[serde(rename = "Culture")]
-    _Culture: String, // Ignored, always use en-US
-    MasterPasswordHint: Option<String>,
+    // Culture: String, // Ignored, always use en-US
+    // MasterPasswordHint: Option<String>, // Ignored, has been moved to ChangePassData
     Name: String,
 }
 
@@ -216,8 +215,6 @@ async fn post_profile(data: JsonUpcase<ProfileData>, headers: Headers, conn: DbC
 
     let mut user = headers.user;
     user.name = data.Name;
-    user.password_hint = clean_password_hint(&data.MasterPasswordHint);
-    enforce_password_hint_setting(&user.password_hint)?;
 
     user.save(&conn).await?;
     Ok(Json(user.to_json(&conn).await))
@@ -260,6 +257,7 @@ async fn post_keys(data: JsonUpcase<KeysData>, headers: Headers, conn: DbConn) -
 struct ChangePassData {
     MasterPasswordHash: String,
     NewMasterPasswordHash: String,
+    MasterPasswordHint: Option<String>,
     Key: String,
 }
 
@@ -272,6 +270,9 @@ async fn post_password(data: JsonUpcase<ChangePassData>, headers: Headers, conn:
         err!("Invalid password")
     }
 
+    user.password_hint = clean_password_hint(&data.MasterPasswordHint);
+    enforce_password_hint_setting(&user.password_hint)?;
+
     user.set_password(
         &data.NewMasterPasswordHash,
         Some(vec![String::from("post_rotatekey"), String::from("get_contacts"), String::from("get_public_keys")]),