nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity
3,589 Commits 398 Branches 206 Tags
19916a0dcf0fd97748e3802f96c6ee6240f93005
Commit Graph

9 Commits

Author SHA1 Message Date
Todd Martin
19916a0dcf Changed query for device to include userId 
(cherry picked from commit 5e3f6db64b)
 2022-11-11 15:07:28 -05:00
Todd Martin
14074e1e33 [SG-701] Updated controller to not send notification if request was denied (#2375) 
* Updated controller to not send response if request was denied.

* Linting
 2022-10-31 21:31:07 -04:00
Gbubemi Smith
9703fb6874 [SG-762] Prevent approving request on second device after denying on first (#2370) 
* Added check to ensure a passwordless request is not acted upon multiple times

* Corrected grammer
 2022-10-28 11:58:05 -04:00
Gbubemi Smith
351f62866b [SG-763] Store the fact that a Passwordless request was denied in the AuthRequest table (#2363) 
* Added migrations for sqlserver and mysql

* Added migrations for postgres

* renamed mysql migration script to make naming uniform

* introduced approved field to the update auth request controller;This change would keep track of denied passwordless requests

* Recreated the authRequestView, introduced the approved field to the create procedure and updated the response model

* Formatted code

* fixed incorrect syntax in the AuthRequest_Create.sql SP
 2022-10-25 17:14:48 -04:00
Addison Beck
54354237ba [SG-686] Correctly format AuthRequestResponse.Origin (#2325) 
* Remove hardcoded URL case from AuthRequestResponse

* Just use URI host for AuthRequestResponse.Origin
 2022-10-04 11:06:01 -04:00
Addison Beck
707a39972b [SG-617] [SG-697] [SG-686] Fix various minor passwordless bugs (#2320) 
* Only push auth request responses if the request is approved

* Add error message when an unknown device tries to send an auth request

* Send the vault URL for self hosted auth requests
 2022-10-03 11:37:37 -04:00
Addison Beck
c8783ced6d Use a user-based known device check (#2318) 2022-09-30 09:45:07 -04:00
Addison Beck
53f6ec0a71 [SG-692] Block unknown devices from using passwordless auth (#2315) 
* Block unknown devices from initiating auth requests

* Rename anonymousHub route to anonymous-hub
 2022-09-29 14:10:21 -04:00
Addison Beck
02bea3c48d [SG-167] Implement Passwordless Authentication via Notifications (#2276) 
* [SG-549] Commit Initial AuthRequest Repository (#2174)

* Model Passwordless

* Scaffold database for Passwordless

* Implement SQL Repository

* [SG-167] Base Passwordless API (#2185)

* Implement Passwordless notifications

* Implement Controller

* Add documentation to BaseRequestValidator

* Register AuthRequestRepo

* Remove ExpirationDate from the AuthRequest table

* [SG-407] Create job to delete expired requests (#2187)

* chore: init

* remove exp date

* fix: log name

* [SG-167] Added fingerprint phrase to response model. (#2233)

* Remove FailedLoginAttempt logic

* Block unknown devices

* Add EF Support for passwordless

* Got SignalR working for responses

* Added delete job method to EF repo

* Implement a GetMany API endpoint for AuthRequests

* Ran dotnet format

* Fix a merge issues

* Redated migration scripts

* tried sorting sqlproj

* Remove FailedLoginAttempts from SQL

* Groom Postgres script

* Remove extra commas from migration script

* Correct isSpent()

* [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository.

* [SG-167] Added origin of the request to response model

* Use display name for device identifier in response

* Add datetime conversions back to postgres migration script

* [SG-655] Add anonymous endpoint for checking if a device & user combo match

* [review] Consolidate error conditions

Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com>
Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com>
Co-authored-by: André Bispo <abispo@bitwarden.com>
 2022-09-26 13:21:13 -04:00