vaultwarden/src
BlackDex de157b2654
Admin token Argon2 hashing support
Added support for Argon2 hashing for the `ADMIN_TOKEN` instead
of only supporting a plain text string.

The hash must be a PHC string which can be generated via the `argon2`
CLI **or** via the also built-in hash command in Vaultwarden.

You can simply run `vaultwarden hash` to generate a hash based upon a
password the user provides themselves.

Added a warning during startup and within the admin settings panel if
the `ADMIN_TOKEN` is not an Argon2 hash.

Within the admin environment a user can ignore that warning and it will
not be shown for at least 30 days. After that the warning will appear
again unless the `ADMIN_TOKEN` has been converted to an Argon2 hash.

I have also tested this on my RaspberryPi 2b and there the `Bitwarden`
preset takes almost 4.5 seconds to generate/verify the Argon2 hash.

Using the `OWASP` preset it is below 1 second, which I think should be
fine for low-graded hardware. If it is needed people could use lower
memory settings, but in those cases I even doubt Vaultwarden itself
would run. They can always use the `argon2` CLI and generate a faster hash.
2023-03-04 16:15:30 +01:00
api Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
db Merge pull request #3281 from BlackDex/fix-web-vault-issues 2023-02-28 23:45:59 +01:00
static Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
auth.rs Apply rewording 2023-02-21 21:37:24 +01:00
config.rs Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
crypto.rs Remove get_random_64() 2022-11-13 10:03:06 +01:00
error.rs Cleanups and Fixes for Emergency Access 2022-12-04 23:17:48 +01:00
mail.rs Add support for sendmail as a mail transport 2023-02-12 18:54:59 +01:00
main.rs Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
ratelimit.rs Basic ratelimit for user login (including 2FA) and admin login 2021-12-22 21:48:49 +01:00
util.rs add argon2 kdf fields 2023-02-07 13:52:52 -05:00