octoleo
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3831 from BlackDex/fix-3819 

Fix Login With Device without MasterPassword
This commit is contained in:
Daniel García 2023-09-02 14:41:44 +02:00 committed by GitHub
parent d3a1d875d5 d18b793c71
commit bbd630f1ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 53 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
migrations/mysql/2023-09-01-170620_update_auth_request_table/down.sql Normal file
View File

5
migrations/mysql/2023-09-01-170620_update_auth_request_table/up.sql Normal file
View File

@ -0,0 +1,5 @@
ALTER TABLE auth_requests
MODIFY master_password_hash TEXT;
ALTER TABLE auth_requests
MODIFY enc_key TEXT;

0
migrations/postgresql/2023-09-01-170620_update_auth_request_table/down.sql Normal file
View File

5
migrations/postgresql/2023-09-01-170620_update_auth_request_table/up.sql Normal file
View File

@ -0,0 +1,5 @@
ALTER TABLE auth_requests
ALTER COLUMN master_password_hash DROP NOT NULL;
ALTER TABLE auth_requests
ALTER COLUMN enc_key DROP NOT NULL;

0
migrations/sqlite/2023-09-01-170620_update_auth_request_table/down.sql Normal file
View File

29
migrations/sqlite/2023-09-01-170620_update_auth_request_table/up.sql Normal file
View File

@ -0,0 +1,29 @@
-- Create new auth_requests table with master_password_hash as nullable column
CREATE TABLE auth_requests_new (
uuid TEXT NOT NULL PRIMARY KEY,
user_uuid TEXT NOT NULL,
organization_uuid TEXT,
request_device_identifier TEXT NOT NULL,
device_type INTEGER NOT NULL,
request_ip TEXT NOT NULL,
response_device_id TEXT,
access_code TEXT NOT NULL,
public_key TEXT NOT NULL,
enc_key TEXT,
master_password_hash TEXT,
approved BOOLEAN,
creation_date DATETIME NOT NULL,
response_date DATETIME,
authentication_date DATETIME,
FOREIGN KEY (user_uuid) REFERENCES users (uuid),
FOREIGN KEY (organization_uuid) REFERENCES organizations (uuid)
);
-- Transfer current data to new table
INSERT INTO auth_requests_new SELECT * FROM auth_requests;
-- Drop the old table
DROP TABLE auth_requests;
-- Rename the new table to the original name
ALTER TABLE auth_requests_new RENAME TO auth_requests;

4
src/api/core/accounts.rs
View File

@ -1090,7 +1090,7 @@ async fn get_auth_request(uuid: &str, mut conn: DbConn) -> JsonResult {
struct AuthResponseRequest {
deviceIdentifier: String,
key: String,
masterPasswordHash: String,
masterPasswordHash: Option<String>,
requestApproved: bool,
}
@ -1111,7 +1111,7 @@ async fn put_auth_request(
};
auth_request.approved = Some(data.requestApproved);
auth_request.enc_key = data.key;
auth_request.enc_key = Some(data.key);
auth_request.master_password_hash = data.masterPasswordHash;
auth_request.response_device_id = Some(data.deviceIdentifier.clone());
auth_request.save(&mut conn).await?;

8
src/db/models/auth_request.rs
View File

@ -20,9 +20,9 @@ db_object! {
pub access_code: String,
pub public_key: String,
pub enc_key: String,
pub enc_key: Option<String>,
pub master_password_hash: String,
pub master_password_hash: Option<String>,
pub approved: Option<bool>,
pub creation_date: NaiveDateTime,
pub response_date: Option<NaiveDateTime>,
@ -53,8 +53,8 @@ impl AuthRequest {
response_device_id: None,
access_code,
public_key,
enc_key: String::new(),
master_password_hash: String::new(),
enc_key: None,
master_password_hash: None,
approved: None,
creation_date: now,
response_date: None,

5
src/db/schemas/mysql/schema.rs
View File

@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>,
access_code -> Text,
public_key -> Text,
enc_key -> Text,
master_password_hash -> Text,
enc_key -> Nullable<Text>,
master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>,
creation_date -> Timestamp,
response_date -> Nullable<Timestamp>,
@ -324,6 +324,7 @@ joinable!(users_collections -> collections (collection_uuid));
joinable!(users_collections -> users (user_uuid));
joinable!(users_organizations -> organizations (org_uuid));
joinable!(users_organizations -> users (user_uuid));
joinable!(users_organizations -> ciphers (org_uuid));
joinable!(organization_api_key -> organizations (org_uuid));
joinable!(emergency_access -> users (grantor_uuid));
joinable!(groups -> organizations (organizations_uuid));

5
src/db/schemas/postgresql/schema.rs
View File

@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>,
access_code -> Text,
public_key -> Text,
enc_key -> Text,
master_password_hash -> Text,
enc_key -> Nullable<Text>,
master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>,
creation_date -> Timestamp,
response_date -> Nullable<Timestamp>,
@ -324,6 +324,7 @@ joinable!(users_collections -> collections (collection_uuid));
joinable!(users_collections -> users (user_uuid));
joinable!(users_organizations -> organizations (org_uuid));
joinable!(users_organizations -> users (user_uuid));
joinable!(users_organizations -> ciphers (org_uuid));
joinable!(organization_api_key -> organizations (org_uuid));
joinable!(emergency_access -> users (grantor_uuid));
joinable!(groups -> organizations (organizations_uuid));

4
src/db/schemas/sqlite/schema.rs
View File

@ -297,8 +297,8 @@ table! {
response_device_id -> Nullable<Text>,
access_code -> Text,
public_key -> Text,
enc_key -> Text,
master_password_hash -> Text,
enc_key -> Nullable<Text>,
master_password_hash -> Nullable<Text>,
approved -> Nullable<Bool>,
creation_date -> Timestamp,
response_date -> Nullable<Timestamp>,