mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 07:50:02 +02:00 
			
		
		
		
	Make password hints available in the error message #85
This commit is contained in:
		
							
								
								
									
										3
									
								
								.env
									
									
									
									
									
								
							
							
						
						
									
										3
									
								
								.env
									
									
									
									
									
								
							| @@ -27,6 +27,9 @@ | ||||
| ## The change only applies when the password is changed | ||||
| # PASSWORD_ITERATIONS=100000 | ||||
|  | ||||
| ## Whether password hint should be sent into the error response when the client request it | ||||
| # SHOW_PASSWORD_HINT=true | ||||
|  | ||||
| ## Domain settings | ||||
| ## The domain must match the address from where you access the server | ||||
| ## Unless you are using U2F, or having problems with attachments not downloading, there is no need to change this | ||||
|   | ||||
| @@ -247,3 +247,23 @@ fn revision_date(headers: Headers) -> String { | ||||
|     let revision_date = headers.user.updated_at.timestamp(); | ||||
|     revision_date.to_string() | ||||
| } | ||||
|  | ||||
| #[derive(Deserialize)] | ||||
| #[allow(non_snake_case)] | ||||
| struct PasswordHintData { | ||||
|     Email: String, | ||||
| } | ||||
|  | ||||
| #[post("/accounts/password-hint", data = "<data>")] | ||||
| fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult { | ||||
|     let data: PasswordHintData = data.into_inner().data; | ||||
|  | ||||
|     if !CONFIG.show_password_hint { | ||||
|         return Ok(()) | ||||
|     } | ||||
|  | ||||
|     match User::find_by_mail(&data.Email, &conn) { | ||||
|         Some(user) => err!(user.password_hint.to_owned().unwrap_or("".to_string())), | ||||
|         None => Ok(()), | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -23,6 +23,7 @@ pub fn routes() -> Vec<Route> { | ||||
|         post_email, | ||||
|         delete_account, | ||||
|         revision_date, | ||||
|         password_hint, | ||||
|  | ||||
|         sync, | ||||
|  | ||||
|   | ||||
| @@ -169,6 +169,7 @@ pub struct Config { | ||||
|     local_icon_extractor: bool, | ||||
|     signups_allowed: bool, | ||||
|     password_iterations: i32, | ||||
|     show_password_hint: bool, | ||||
|     domain: String, | ||||
|     domain_set: bool, | ||||
| } | ||||
| @@ -197,6 +198,8 @@ impl Config { | ||||
|             local_icon_extractor: util::parse_option_string(env::var("LOCAL_ICON_EXTRACTOR").ok()).unwrap_or(false), | ||||
|             signups_allowed: util::parse_option_string(env::var("SIGNUPS_ALLOWED").ok()).unwrap_or(true), | ||||
|             password_iterations: util::parse_option_string(env::var("PASSWORD_ITERATIONS").ok()).unwrap_or(100_000), | ||||
|             show_password_hint: util::parse_option_string(env::var("SHOW_PASSWORD_HINT").ok()).unwrap_or(true), | ||||
|  | ||||
|             domain_set: domain.is_ok(), | ||||
|             domain: domain.unwrap_or("http://localhost".into()), | ||||
|         } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user