0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-12-13 09:13:01 +01:00

Add /api/accounts/verify-password endpoint

If for some reason the hashed password is cleared from memory within a
bitwarden client it will try to verify the password at the server side.

This endpoint was missing.

Resolves #1156
This commit is contained in:
BlackDex 2020-09-25 18:26:48 +02:00
parent 2f3e18caa9
commit c64560016e

View file

@ -32,6 +32,7 @@ pub fn routes() -> Vec<rocket::Route> {
revision_date,
password_hint,
prelogin,
verify_password,
]
}
@ -623,3 +624,20 @@ fn prelogin(data: JsonUpcase<PreloginData>, conn: DbConn) -> JsonResult {
"KdfIterations": kdf_iter
})))
}
#[derive(Deserialize)]
#[allow(non_snake_case)]
struct VerifyPasswordData {
MasterPasswordHash: String,
}
#[post("/accounts/verify-password", data = "<data>")]
fn verify_password(data: JsonUpcase<VerifyPasswordData>, headers: Headers, _conn: DbConn) -> EmptyResult {
let data: VerifyPasswordData = data.into_inner().data;
let user = headers.user;
if !user.check_valid_password(&data.MasterPasswordHash) {
err!("Invalid password")
}
Ok(())
}