Password History Support (#155)

migrations/2018-08-27-172114_update_ciphers/down.sql

@@ -0,0 +1,20 @@
+ALTER TABLE ciphers RENAME TO oldCiphers;
+
+CREATE TABLE ciphers (
+  uuid              TEXT     NOT NULL PRIMARY KEY,
+  created_at        DATETIME NOT NULL,
+  updated_at        DATETIME NOT NULL,
+  user_uuid         TEXT     REFERENCES users (uuid),
+  organization_uuid TEXT     REFERENCES organizations (uuid),
+  type              INTEGER  NOT NULL,
+  name              TEXT     NOT NULL,
+  notes             TEXT,
+  fields            TEXT,
+  data              TEXT     NOT NULL,
+  favorite          BOOLEAN  NOT NULL
+);
+
+INSERT INTO ciphers (uuid, created_at, updated_at, user_uuid, organization_uuid, type, name, notes, fields, data, favorite) 
+SELECT uuid, created_at, updated_at, user_uuid, organization_uuid, type, name, notes, fields, data, favorite FROM oldCiphers;
+
+DROP TABLE oldCiphers;

migrations/2018-08-27-172114_update_ciphers/up.sql

@@ -0,0 +1,3 @@
+ALTER TABLE ciphers
+    ADD COLUMN
+    password_history TEXT;

src/api/core/accounts.rs

@@ -168,9 +168,8 @@ struct EmailTokenData {
 #[post("/accounts/email-token", data = "<data>")]
 fn post_email_token(data: JsonUpcase<EmailTokenData>, headers: Headers, conn: DbConn) -> EmptyResult {
     let data: EmailTokenData = data.into_inner().data;
-    let mut user = headers.user;
 
-    if !user.check_valid_password(&data.MasterPasswordHash) {
+    if !headers.user.check_valid_password(&data.MasterPasswordHash) {
         err!("Invalid password")
     }
 
@@ -178,10 +177,6 @@ fn post_email_token(data: JsonUpcase<EmailTokenData>, headers: Headers, conn: Db
         err!("Email already in use");
     }
 
-    user.email = data.NewEmail;
-
-    user.save(&conn);
-    
     Ok(())
 }
 

src/api/core/ciphers.rs

@@ -112,6 +112,8 @@ struct CipherData {
     Identity: Option<Value>,
 
     Favorite: Option<bool>,
+
+    PasswordHistory: Option<Value>,
 }
 
 #[post("/ciphers/admin", data = "<data>")]
@@ -177,6 +179,7 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
     type_data["Name"] = Value::String(data.Name.clone());
     type_data["Notes"] = data.Notes.clone().map(Value::String).unwrap_or(Value::Null);
     type_data["Fields"] = data.Fields.clone().unwrap_or(Value::Null);
+    type_data["PasswordHistory"] = data.PasswordHistory.clone().unwrap_or(Value::Null);
     // TODO: ******* Backwards compat end **********
 
     cipher.favorite = data.Favorite.unwrap_or(false);
@@ -184,6 +187,7 @@ fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Head
     cipher.notes = data.Notes;
     cipher.fields = data.Fields.map(|f| f.to_string());
     cipher.data = type_data.to_string();
+    cipher.password_history = data.PasswordHistory.map(|f| f.to_string());
 
     cipher.save(&conn);
 

src/db/models/cipher.rs

@@ -32,6 +32,7 @@ pub struct Cipher {
     pub data: String,
 
     pub favorite: bool,
+    pub password_history: Option<String>,
 }
 
 /// Local methods
@@ -55,6 +56,7 @@ impl Cipher {
             fields: None,
 
             data: String::new(),
+            password_history: None,
         }
     }
 }
@@ -78,6 +80,10 @@ impl Cipher {
             serde_json::from_str(fields).unwrap()
         } else { JsonValue::Null };
         
+        let password_history_json: JsonValue = if let Some(ref password_history) = self.password_history {
+            serde_json::from_str(password_history).unwrap()
+        } else { JsonValue::Null };
+
         let mut data_json: JsonValue = serde_json::from_str(&self.data).unwrap();
 
         // TODO: ******* Backwards compat start **********
@@ -108,6 +114,8 @@ impl Cipher {
 
             "Object": "cipher",
             "Edit": true,
+
+            "PasswordHistory": password_history_json,
         });
 
         let key = match self.type_ {

src/db/schema.rs

@@ -21,6 +21,7 @@ table! {
         fields -> Nullable<Text>,
         data -> Text,
         favorite -> Bool,
+        password_history -> Nullable<Text>,
     }
 }