Commit graph

2387 commits

Author SHA1 Message Date
Jeremy Lin
0a2a8be0ff
Take ROCKET_ADDRESS into account in the Docker healthcheck 2022-10-20 01:04:09 -07:00
Daniel García
720a046610
Merge pull request #2804 from stefan0xC/verify-on-invite
verify email on registration by invite
2022-10-19 23:09:47 +02:00
Stefan Melmuk
64ae5d4f81
verify email on registration via invite link
if `SIGNUPS_VERIFY` is enabled new users that have been invited have
their onboarding flow interrupted because they have to first verify
their mail address before they can join an organization.

we can skip the extra verication of the email address when signing up
because a valid invitation token already means that the email address is
working and we don't allow invited users to signup with a different
address.

unfortunately, this is not possible with emergency access invitations
at the moment as they are handled differently.
2022-10-19 22:44:17 +02:00
Daniel García
ff7e22c08a
Merge pull request #2840 from jjlin/global-domains
Sync global_domains.json
2022-10-19 21:56:22 +02:00
Jeremy Lin
0c267d073f
Sync global_domains.json to bitwarden/server@ea300b2 (Amazon) 2022-10-19 12:33:04 -07:00
Daniel García
bbc6470f65
Merge branch 'BlackDex-fix-password-hint' 2022-10-19 20:40:24 +02:00
Stefan Melmuk
23f1f8a576
allow registration without invite link
if signups are allowed invited users should be able to complete their
registration even when they don't have the invite link at hand.
2022-10-19 20:39:14 +02:00
Stefan Melmuk
0e6f6e612a
use static_files() for email attachments
Apply suggestions from code review

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2022-10-19 20:39:13 +02:00
Stefan Melmuk
4d1b860dad
attach images to email
Set SMTP_EMBED_IMAGES option to false if you don't want to attach images
to the mail.

NOTE: If you have customized the template files `email_header.hbs` and
`email_footer.hbs` you can replace `{url}/vw_static/` to `{img_url}`
to support both URL schemes
2022-10-19 20:39:13 +02:00
Stefan Melmuk
6576914e55
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-19 20:39:07 +02:00
Daniel García
12075639f3
Merge branch 'stefan0xC-allow-registration-without-invite-link' 2022-10-19 20:23:30 +02:00
Stefan Melmuk
3b9bfe55d0
use static_files() for email attachments
Apply suggestions from code review

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2022-10-19 20:23:24 +02:00
Stefan Melmuk
a0c6a7c0de
attach images to email
Set SMTP_EMBED_IMAGES option to false if you don't want to attach images
to the mail.

NOTE: If you have customized the template files `email_header.hbs` and
`email_footer.hbs` you can replace `{url}/vw_static/` to `{img_url}`
to support both URL schemes
2022-10-19 20:23:24 +02:00
Stefan Melmuk
a2d716aec3
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-19 20:23:24 +02:00
Daniel García
c1c60e3b68
Merge branch 'stefan0xC-email-attach-images' 2022-10-19 20:22:03 +02:00
Stefan Melmuk
ed6e852904
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-19 20:21:58 +02:00
Daniel García
a54065420c
Merge branch 'stefan0xC-fix-invitation-of-new-users' 2022-10-19 20:20:14 +02:00
Stefan Melmuk
aa5a05960e
allow registration without invite link
if signups are allowed invited users should be able to complete their
registration even when they don't have the invite link at hand.
2022-10-18 12:49:07 +02:00
BlackDex
f41ba2a60f
Fix master password hint update not working.
- The Master Password Hint input has changed it's location to the
password update form. This PR updates the the code to process this.

- Also changed the `ProfileData` struct to exclude `Culture` and
`MasterPasswordHint`, since both are not used at all, and when not
defined they will also not be allocated.

Fixes #2833
2022-10-17 17:23:21 +02:00
Stefan Melmuk
2215cfefb9
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-15 16:19:26 +02:00
Stefan Melmuk
4289663a16
use static_files() for email attachments
Apply suggestions from code review

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2022-10-15 04:59:33 +02:00
Stefan Melmuk
ea19c2250e
attach images to email
Set SMTP_EMBED_IMAGES option to false if you don't want to attach images
to the mail.

NOTE: If you have customized the template files `email_header.hbs` and
`email_footer.hbs` you can replace `{url}/vw_static/` to `{img_url}`
to support both URL schemes
2022-10-15 04:59:31 +02:00
Daniel García
638766b346
Update web-vault to 2022.10.0 and dependencies 2022-10-14 18:21:01 +02:00
Daniel García
d1ff136552
Merge branch 'stefan0xC-check-data-folder-permissions' 2022-10-14 17:56:48 +02:00
Jeremy Lin
46ec11de12
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-14 17:56:42 +02:00
Jeremy Lin
4283a49e0b
Reformat CSP header for readability 2022-10-14 17:56:42 +02:00
Jeremy Lin
1e32db8c41
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:42 +02:00
Stefan Melmuk
0f944ec7e2
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:56:41 +02:00
Daniel García
736dbc9553
Merge branch 'jjlin-csp' 2022-10-14 17:56:03 +02:00
Jeremy Lin
b4a38f1f63
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:00 +02:00
Stefan Melmuk
646186fe38
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:59 +02:00
Daniel García
c2725916f4
Merge branch 'jjlin-creation-date' 2022-10-14 17:55:31 +02:00
Stefan Melmuk
fd334e2b7d
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:27 +02:00
Daniel García
f9feca1ce4
Merge branch 'stefan0xC-fix-link-in-license-badge' 2022-10-14 17:54:57 +02:00
Stefan Melmuk
677fd2ff32
fix link of license badge
master branch has been renamed to main.
2022-10-12 20:18:18 +02:00
Jeremy Lin
f49eb8eb4d
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-12 00:17:09 -07:00
Jeremy Lin
b0e0d68632
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-11 21:39:12 -07:00
Jeremy Lin
f3c8c16d79
Reformat CSP header for readability 2022-10-11 21:39:02 -07:00
Stefan Melmuk
2dd5086916
more verbose permission denied error
be a bit more verbose about why a file could not be created when it is
caused by a permission denied error.
2022-10-12 01:31:10 +02:00
Stefan Melmuk
7532072d50
add check if data folder is a directory 2022-10-12 01:26:28 +02:00
Daniel García
382e6107fe
Update dependencies 2022-10-09 17:40:45 +02:00
Daniel García
e6c6609e19
8bit Solutions LLC. -> Bitwarden, Inc. 2022-10-09 17:13:46 +02:00
Daniel García
4cb5918950
Update web vault to v2022.9.2 2022-10-09 17:13:32 +02:00
Daniel García
55030f3687
Merge branch 'stefan0xC-return-token-expired-message' 2022-10-09 16:22:33 +02:00
Stefan Melmuk
ef4072e4ff
improve spelling of minimum expiration hours check
Co-authored-by: Helmut K. C. Tessarek <tessarek@evermeet.cx>
2022-10-09 16:21:13 +02:00
Stefan Melmuk
c78d383ed1
make invitation expiration time configurable
configure the number of hours after which organization invites,
emergency access invites, email verification emails and account deletion
requests expire (defaults to 5 days or 120 hours and must be atleast 1)
2022-10-09 16:21:13 +02:00
Stefan Melmuk
5b96270874
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-09 16:21:12 +02:00
Stefan Melmuk
2c0742387b
return CaptchaBypassToken and register object 2022-10-09 16:21:12 +02:00
Stefan Melmuk
1704d14f29
v2022.9.2 expects a json response when registering 2022-10-09 16:21:12 +02:00
Stefan Melmuk
2d7ffbf378
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:21:11 +02:00