bitwarden_rs/src/api/web.rs

use std::path::{Path, PathBuf};

use rocket::http::ContentType;
use rocket::response::content::Content;
use rocket::response::NamedFile;
use rocket::Route;
use rocket_contrib::json::Json;
use serde_json::Value;

use crate::util::Cached;
use crate::error::Error;
use crate::CONFIG;

pub fn routes() -> Vec<Route> {
    if CONFIG.web_vault_enabled() {
        routes![web_index, app_id, web_files, attachments, alive, static_files]
    } else {
        routes![attachments, alive, static_files]
    }
}

#[get("/")]
fn web_index() -> Cached<Option<NamedFile>> {
    Cached::short(NamedFile::open(
        Path::new(&CONFIG.web_vault_folder()).join("index.html"),
    ).ok())
}

#[get("/app-id.json")]
fn app_id() -> Cached<Content<Json<Value>>> {
    let content_type = ContentType::new("application", "fido.trusted-apps+json");

    Cached::long(Content(
        content_type,
        Json(json!({
        "trustedFacets": [
            {
            "version": { "major": 1, "minor": 0 },
            "ids": [
                &CONFIG.domain(),
                "ios:bundle-id:com.8bit.bitwarden",
                "android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI" ]
            }]
        })),
    ))
}

#[get("/<p..>", rank = 10)] // Only match this if the other routes don't match
fn web_files(p: PathBuf) -> Cached<Option<NamedFile>> {
    Cached::long(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join(p)).ok())
}

#[get("/attachments/<uuid>/<file..>")]
fn attachments(uuid: String, file: PathBuf) -> Option<NamedFile> {
    NamedFile::open(Path::new(&CONFIG.attachments_folder()).join(uuid).join(file)).ok()
}

#[get("/alive")]
fn alive() -> Json<String> {
    use crate::util::format_date;
    use chrono::Utc;

    Json(format_date(&Utc::now().naive_utc()))
}

#[get("/bwrs_static/<filename>")]
fn static_files(filename: String) -> Result<Content<&'static [u8]>, Error> {
    match filename.as_ref() {
        "mail-github.png" => Ok(Content(ContentType::PNG, include_bytes!("../static/images/mail-github.png"))),
        "logo-gray.png" => Ok(Content(ContentType::PNG, include_bytes!("../static/images/logo-gray.png"))),
        "error-x.svg" => Ok(Content(ContentType::SVG, include_bytes!("../static/images/error-x.svg"))),

        "bootstrap.css" => Ok(Content(ContentType::CSS, include_bytes!("../static/scripts/bootstrap.css"))),
        "bootstrap-native-v4.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native-v4.js"))),
        "md5.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/md5.js"))),
        "identicon.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))),
        _ => err!("Image not found"),
    }
}
First working version 2018-02-10 01:00:55 +01:00			`use std::path::{Path, PathBuf};`

Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-23 22:37:02 +01:00			`use rocket::http::ContentType;`
Updated Error to implement Display and Debug, instead of using custom methods 2018-12-29 01:01:58 +01:00			`use rocket::response::content::Content;`
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:36:34 +01:00			`use rocket::response::NamedFile;`
First working version 2018-02-10 01:00:55 +01:00			`use rocket::Route;`
Updated bw_rs to Rocket version 0.4-rc1 2018-10-10 20:40:39 +02:00			`use rocket_contrib::json::Json;`
			`use serde_json::Value;`
First working version 2018-02-10 01:00:55 +01:00
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:36:34 +01:00			`use crate::util::Cached;`
Added static email image routes 2019-02-16 03:44:30 +01:00			`use crate::error::Error;`
Change config to thread-safe system, needed for a future config panel. Improved some two factor methods. 2019-01-25 18:23:51 +01:00			`use crate::CONFIG;`
First working version 2018-02-10 01:00:55 +01:00
			`pub fn routes() -> Vec<Route> {`
Change config to thread-safe system, needed for a future config panel. Improved some two factor methods. 2019-01-25 18:23:51 +01:00			`if CONFIG.web_vault_enabled() {`
Rename static files endpoint 2019-08-31 17:25:31 +02:00			`routes![web_index, app_id, web_files, attachments, alive, static_files]`
Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers 2018-06-12 21:09:42 +02:00			`} else {`
Rename static files endpoint 2019-08-31 17:25:31 +02:00			`routes![attachments, alive, static_files]`
Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers 2018-06-12 21:09:42 +02:00			`}`
First working version 2018-02-10 01:00:55 +01:00			`}`

			`#[get("/")]`
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. Removed unnecessary returns 2019-09-17 21:05:56 +02:00			`fn web_index() -> Cached<Option<NamedFile>> {`
Change config to thread-safe system, needed for a future config panel. Improved some two factor methods. 2019-01-25 18:23:51 +01:00			`Cached::short(NamedFile::open(`
			`Path::new(&CONFIG.web_vault_folder()).join("index.html"),`
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. Removed unnecessary returns 2019-09-17 21:05:56 +02:00			`).ok())`
First working version 2018-02-10 01:00:55 +01:00			`}`

Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`#[get("/app-id.json")]`
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-23 22:37:02 +01:00			`fn app_id() -> Cached<Content<Json<Value>>> {`
Set facets contentType 2018-07-13 15:05:00 +02:00			`let content_type = ContentType::new("application", "fido.trusted-apps+json");`

Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-23 22:37:02 +01:00			`Cached::long(Content(`
			`content_type,`
			`Json(json!({`
			`"trustedFacets": [`
			`{`
			`"version": { "major": 1, "minor": 0 },`
			`"ids": [`
Change config to thread-safe system, needed for a future config panel. Improved some two factor methods. 2019-01-25 18:23:51 +01:00			`&CONFIG.domain(),`
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-23 22:37:02 +01:00			`"ios:bundle-id:com.8bit.bitwarden",`
			`"android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI" ]`
			`}]`
			`})),`
			`))`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`

Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:36:34 +01:00			`#[get("/<p..>", rank = 10)] // Only match this if the other routes don't match`
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. Removed unnecessary returns 2019-09-17 21:05:56 +02:00			`fn web_files(p: PathBuf) -> Cached<Option<NamedFile>> {`
			`Cached::long(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join(p)).ok())`
First working version 2018-02-10 01:00:55 +01:00			`}`

Upload and download attachments, and added License file 2018-02-15 00:40:34 +01:00			`#[get("/attachments/<uuid>/<file..>")]`
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. Removed unnecessary returns 2019-09-17 21:05:56 +02:00			`fn attachments(uuid: String, file: PathBuf) -> Option<NamedFile> {`
			`NamedFile::open(Path::new(&CONFIG.attachments_folder()).join(uuid).join(file)).ok()`
First working version 2018-02-10 01:00:55 +01:00			`}`

			`#[get("/alive")]`
			`fn alive() -> Json<String> {`
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00			`use crate::util::format_date;`
Solved some warnings 2018-02-15 00:53:11 +01:00			`use chrono::Utc;`
First working version 2018-02-10 01:00:55 +01:00
			`Json(format_date(&Utc::now().naive_utc()))`
			`}`
Added static email image routes 2019-02-16 03:44:30 +01:00
Rename static files endpoint 2019-08-31 17:25:31 +02:00			`#[get("/bwrs_static/<filename>")]`
			`fn static_files(filename: String) -> Result<Content<&'static [u8]>, Error> {`
Added static email image routes 2019-02-16 03:44:30 +01:00			`match filename.as_ref() {`
Update HIBP to v3, requires paid API key, fixes #583 2019-08-20 20:07:12 +02:00			`"mail-github.png" => Ok(Content(ContentType::PNG, include_bytes!("../static/images/mail-github.png"))),`
			`"logo-gray.png" => Ok(Content(ContentType::PNG, include_bytes!("../static/images/logo-gray.png"))),`
			`"error-x.svg" => Ok(Content(ContentType::SVG, include_bytes!("../static/images/error-x.svg"))),`
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values 2019-08-31 17:47:52 +02:00
			`"bootstrap.css" => Ok(Content(ContentType::CSS, include_bytes!("../static/scripts/bootstrap.css"))),`
			`"bootstrap-native-v4.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native-v4.js"))),`
			`"md5.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/md5.js"))),`
			`"identicon.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))),`
Update HIBP to v3, requires paid API key, fixes #583 2019-08-20 20:07:12 +02:00			`_ => err!("Image not found"),`
Added static email image routes 2019-02-16 03:44:30 +01:00			`}`
			`}`