vaultwarden/src/api/web.rs

97 lines
4.1 KiB
Rust
Raw Normal View History

2018-02-10 01:00:55 +01:00
use std::path::{Path, PathBuf};
use rocket::serde::json::Json;
use rocket::{fs::NamedFile, http::ContentType, Route};
use serde_json::Value;
2018-02-10 01:00:55 +01:00
2021-07-15 21:52:17 +02:00
use crate::{
api::core::now,
2021-07-15 21:52:17 +02:00
error::Error,
util::{Cached, SafeString},
CONFIG,
};
2018-02-10 01:00:55 +01:00
pub fn routes() -> Vec<Route> {
2019-12-27 18:37:14 +01:00
// If addding more routes here, consider also adding them to
// crate::utils::LOGGED_ROUTES to make sure they appear in the log
if CONFIG.web_vault_enabled() {
routes![web_index, app_id, web_files, attachments, alive, static_files]
} else {
2019-08-31 17:25:31 +02:00
routes![attachments, alive, static_files]
}
2018-02-10 01:00:55 +01:00
}
#[get("/")]
async fn web_index() -> Cached<Option<NamedFile>> {
Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("index.html")).await.ok(), false)
2018-02-10 01:00:55 +01:00
}
#[get("/app-id.json")]
fn app_id() -> Cached<(ContentType, Json<Value>)> {
2018-07-13 15:05:00 +02:00
let content_type = ContentType::new("application", "fido.trusted-apps+json");
Cached::long(
(
content_type,
Json(json!({
"trustedFacets": [
{
"version": { "major": 1, "minor": 0 },
"ids": [
// Per <https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-appid-and-facets-v2.0-id-20180227.html#determining-the-facetid-of-a-calling-application>:
//
// "In the Web case, the FacetID MUST be the Web Origin [RFC6454]
// of the web page triggering the FIDO operation, written as
// a URI with an empty path. Default ports are omitted and any
// path component is ignored."
//
// This leaves it unclear as to whether the path must be empty,
// or whether it can be non-empty and will be ignored. To be on
// the safe side, use a proper web origin (with empty path).
&CONFIG.domain_origin(),
"ios:bundle-id:com.8bit.bitwarden",
"android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI" ]
}]
})),
),
true,
)
}
#[get("/<p..>", rank = 10)] // Only match this if the other routes don't match
async fn web_files(p: PathBuf) -> Cached<Option<NamedFile>> {
Cached::long(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join(p)).await.ok(), true)
2018-02-10 01:00:55 +01:00
}
#[get("/attachments/<uuid>/<file_id>")]
async fn attachments(uuid: SafeString, file_id: SafeString) -> Option<NamedFile> {
NamedFile::open(Path::new(&CONFIG.attachments_folder()).join(uuid).join(file_id)).await.ok()
2018-02-10 01:00:55 +01:00
}
// We use DbConn here to let the alive healthcheck also verify the database connection.
use crate::db::DbConn;
2018-02-10 01:00:55 +01:00
#[get("/alive")]
fn alive(_conn: DbConn) -> Json<String> {
now()
2018-02-10 01:00:55 +01:00
}
2019-02-16 03:44:30 +01:00
Remove references to "bwrs" #2195 Squashed commit of the following: commit 1bdf1c7954e0731c95703d10118f3874ab5155d3 Merge: 8ba6e61 7257251 Author: Daniel García <dani-garcia@users.noreply.github.com> Date: Sun Jan 23 23:40:17 2022 +0100 Merge branch 'remove-bwrs' of https://github.com/RealOrangeOne/vaultwarden into RealOrangeOne-remove-bwrs commit 7257251ecf23af18deb894e8f2e5519a15360c76 Author: Jake Howard <git@theorangeone.net> Date: Thu Jan 6 17:48:18 2022 +0000 Use `or_else` to save potentially unnecessary function call commit 40ae81dd3c43a596375d5bfdcc00053e786328cc Author: Jake Howard <git@theorangeone.net> Date: Wed Jan 5 21:18:24 2022 +0000 Move $BWRS_VERSION fallback into build.rs commit 743ef74b307a662960f3ca1b9636f3608506516d Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 23:08:27 2022 +0000 Revert "Add feature to enable use of `Option::or` in const context" This reverts commit fe8e043b8aaf77c083747bf11760f29b53df0bba. We want to run on stable soon, where these features are not supported commit a1f0da638c8b6ba32209318b105bde1efdd47082 Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 13:04:47 2022 +0000 Rename web vault version file https://github.com/dani-garcia/bw_web_builds/pull/58 commit fe8e043b8aaf77c083747bf11760f29b53df0bba Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 12:56:44 2022 +0000 Add feature to enable use of `Option::or` in const context commit 687435c8b2b995e90bf6f0ee619bc305e37bc183 Author: Jake Howard <git@theorangeone.net> Date: Sat Jan 1 12:27:28 2022 +0000 Continue to allow using `$BWRS_VERSION` commit 8e2f708e5037db8071251c582ebaf1a97d8e5923 Author: Jake Howard <git@theorangeone.net> Date: Fri Dec 31 11:41:34 2021 +0000 Remove references to "bwrs" The only remaining one is getting the version of the web vault, which requires coordinating with the web vault patching.
2022-01-23 23:40:59 +01:00
#[get("/vw_static/<filename>")]
fn static_files(filename: String) -> Result<(ContentType, &'static [u8]), Error> {
2019-02-16 03:44:30 +01:00
match filename.as_ref() {
"mail-github.png" => Ok((ContentType::PNG, include_bytes!("../static/images/mail-github.png"))),
"logo-gray.png" => Ok((ContentType::PNG, include_bytes!("../static/images/logo-gray.png"))),
"error-x.svg" => Ok((ContentType::SVG, include_bytes!("../static/images/error-x.svg"))),
"hibp.png" => Ok((ContentType::PNG, include_bytes!("../static/images/hibp.png"))),
"vaultwarden-icon.png" => Ok((ContentType::PNG, include_bytes!("../static/images/vaultwarden-icon.png"))),
"bootstrap.css" => Ok((ContentType::CSS, include_bytes!("../static/scripts/bootstrap.css"))),
"bootstrap-native.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native.js"))),
"identicon.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))),
"datatables.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/datatables.js"))),
"datatables.css" => Ok((ContentType::CSS, include_bytes!("../static/scripts/datatables.css"))),
"jquery-3.6.0.slim.js" => {
Ok((ContentType::JavaScript, include_bytes!("../static/scripts/jquery-3.6.0.slim.js")))
2021-04-06 22:54:42 +02:00
}
_ => err!(format!("Static file not found: {}", filename)),
2019-02-16 03:44:30 +01:00
}
2019-12-27 18:37:14 +01:00
}