mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-20 10:20:08 +00:00

api::Accounts::verify_password add the policy even if it's ignored

Timshel 2025-01-03 16:41:27 +01:00
parent bee619ff52
commit 44045a865b
3 changed files with 11 additions and 3 deletions


@ -1050,6 +1050,8 @@ pub async fn kdf_upgrade(user: &mut User, pwd_hash: &str, conn: &mut DbConn) ->
Ok(())
}
// It appears that at the moment the return policy is required but ignored.
// As such the `enforceOnLogin` part is not working.
#[post("/accounts/verify-password", data = "<data>")]
async fn verify_password(data: Json<SecretVerificationRequest>, headers: Headers, mut conn: DbConn) -> JsonResult {
let data: SecretVerificationRequest = data.into_inner();
@ -1061,8 +1063,14 @@ async fn verify_password(data: Json<SecretVerificationRequest>, headers: Headers
kdf_upgrade(&mut user, &data.master_password_hash, &mut conn).await?;
let policy = if let Some(policy_str) = CONFIG.sso_master_password_policy().filter(|_| CONFIG.sso_enabled()) {
serde_json::from_str(&policy_str).unwrap_or(json!({}))
} else {
json!({})
};
Ok(Json(json!({
"MasterPasswordPolicy": {}, // Required for SSO login with mobile apps
"MasterPasswordPolicy": policy,
})))
}
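Review bot: In the second hunk of `verify_password`, `serde_json::from_str(&policy_str).unwrap_or(json!({}))` fails open without a trace: if the configured `sso_master_password_policy` is not valid JSON, the endpoint returns an empty policy and nothing tells the operator that the requirements they set are not being sent to clients. I would log the parse error at the fallback, e.g. `serde_json::from_str(&policy_str).unwrap_or_else(|e| { warn!("Invalid sso_master_password_policy, sending empty policy: {e}"); json!({}) })`, assuming the crate's logging macros are in scope here, and ideally reject a malformed value when the configuration is loaded. The parsed value is also never checked to be a JSON object, so a bare string or number would be returned as `MasterPasswordPolicy`. Since the comment added in the first hunk says the returned policy appears to be ignored for now, this response should not be treated as the enforcement point for master-password strength. The middle of `verify_password` lies between the two hunks and is not visible, so the password check itself is not covered by this note.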