saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-10-31 10:18:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implement HIBP check [WIP].

Browse Source 
Add extra security attributes to admin cookie.
Error handling.
This commit is contained in:
Daniel García
2019-01-20 15:36:33 +01:00
parent 6cbb683f99
commit a797459560
4 changed files with 38 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/api/core/mod.rs
View File

@@ -11,6 +11,7 @@ pub fn routes() -> Vec<Route> {
get_eq_domains,
post_eq_domains,
put_eq_domains,
hibp_breach,
];
let mut routes = Vec::new();
@@ -128,3 +129,20 @@ fn post_eq_domains(data: JsonUpcase<EquivDomainData>, headers: Headers, conn: Db
fn put_eq_domains(data: JsonUpcase<EquivDomainData>, headers: Headers, conn: DbConn) -> JsonResult {
post_eq_domains(data, headers, conn)
}
#[get("/hibp/breach?<username>")]
fn hibp_breach(username: String) -> JsonResult {
let url = format!("https://haveibeenpwned.com/api/v2/breachedaccount/{}", username);
let user_agent = "Bitwarden_RS";
use reqwest::{header::USER_AGENT, Client};
let value: Value = Client::new()
.get(&url)
.header(USER_AGENT, user_agent)
.send()?
.error_for_status()?
.json()?;
Ok(Json(value))
}