0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-12-14 09:33:44 +01:00
bitwarden_rs/migrations/postgresql
BlackDex de86aa671e Fix Key Rotation during password change
When ticking the 'Also rotate my account's encryption key' box, the key
rotated ciphers are posted after the change of password.

During the password change the security stamp was reseted which made
the posted key's return an invalid auth. This reset is needed to prevent other clients from still being able to read/write.

This fixes this by adding a new database column which stores a stamp exception which includes the allowed route and the current security stamp before it gets reseted.
When the security stamp check fails it will check if there is a stamp exception and tries to match the route and security stamp.

Currently it only allows for one exception. But if needed we could expand it by using a Vec<UserStampException> and change the functions accordingly.

fixes #1240
2020-12-14 19:58:23 +01:00
..
2019-09-12-100000_create_tables Adds support for PostgreSQL which resolves #87 and is mentioned in #246. 2019-09-12 16:12:22 -04:00
2019-09-16-150000_fix_attachments Added a migration that fixes #1 which caused attachments to be broken 2019-09-16 19:52:00 -04:00
2019-10-10-083032_add_column_to_twofactor Updated authenticator TOTP 2019-10-10 17:32:20 +02:00
2019-11-17-011009_add_email_verification Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
2020-03-13-205045_add_policy_table Initial version of policies 2020-03-14 13:32:28 +01:00
2020-04-09-235005_add_cipher_delete_date Initial support for soft deletes 2020-04-17 22:35:27 +02:00
2020-07-01-214531_add_hide_passwords Add support for hiding passwords in a collection 2020-07-02 21:51:20 -07:00
2020-08-02-025025_add_favorites_table Transfer favorite status for user-owned ciphers 2020-08-22 17:14:05 -07:00
2020-11-30-224000_add_user_enabled Implement admin ability to enable/disable users 2020-11-30 23:12:56 +01:00
2020-12-09-173101_add_stamp_exception Fix Key Rotation during password change 2020-12-14 19:58:23 +01:00