github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-22 16:14:20 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

[PR #3592] [MERGED] Implement "login with device" #6949

New Issue
Closed
opened 2026-03-07 21:08:30 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-03-07 21:08:30 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/3592
Author: @quexten
Created: 6/17/2023
Status: Merged
Merged: 8/13/2023
Merged by: @BlackDex

Base: mainHead: feature/login-with-device

📝 Commits (1)

  • 8d7b3db Implement login-with-device

📊 Changes

20 files changed (+842 additions, -8 deletions)

View changed files

migrations/mysql/2023-06-17-200424_create_auth_requests_table/down.sql (+0 -0)
migrations/mysql/2023-06-17-200424_create_auth_requests_table/up.sql (+19 -0)
migrations/postgresql/2023-06-17-200424_create_auth_requests_table/down.sql (+0 -0)
migrations/postgresql/2023-06-17-200424_create_auth_requests_table/up.sql (+19 -0)
migrations/sqlite/2023-06-17-200424_create_auth_requests_table/down.sql (+0 -0)
migrations/sqlite/2023-06-17-200424_create_auth_requests_table/up.sql (+19 -0)
📝 src/api/core/accounts.rs (+217 -3)
📝 src/api/core/mod.rs (+1 -0)
📝 src/api/identity.rs (+23 -1)
📝 src/api/mod.rs (+2 -1)
📝 src/api/notifications.rs (+182 -2)
📝 src/api/push.rs (+37 -0)
📝 src/config.rs (+8 -0)
src/db/models/auth_request.rs (+148 -0)
📝 src/db/models/device.rs (+88 -0)
📝 src/db/models/mod.rs (+3 -1)
📝 src/db/schemas/mysql/schema.rs (+22 -0)
📝 src/db/schemas/postgresql/schema.rs (+22 -0)
📝 src/db/schemas/sqlite/schema.rs (+22 -0)
📝 src/main.rs (+10 -0)

📄 Description

This is a very WIP pull-request for login-with-device. To run this, you need a new client version, for the web client this is 2023.06 (or latest master as of today) since login-with-device was disabled for self-hosted installations previously.

Basic login-with-device on WebSocket clients (desktop/web/webextension) works, but there is still quite some work to be done.
Screencast from 2023-06-17 23-53-39.webm

This PR implements a few components to make the login-with-device work, each still partially incomplete.

  • A few new rocket endpoints for adding / updating requests (mostly done, some request validation / responses missing)
  • A new database table for keeping the auth_requests (only done for sqlite)
  • A new websocket endpoint for anonymous connections (needed for the login-with-device feature, this duplicates some code but I didn't know how to structure it better in this case)
  • Some changes to the password_login. To finish the login-with-device, a regular password-login request to '/identity/connect/token' is made, with an additional field in the body, "authRequest", this contains the UUID of the authrequest, the password is the authCode from the passwordless login-request instead of the actual masterpasswordhash.

Aside from the points missing mentioned above, mobile push is not implemented yet, and a lot of code clean-up needs to be done.

Feel free to comment general comments, keep in mind the PR is very WIP so a lot of parts are missing and there is a lot of clean-up to be done.

I will squash the PR when it is done.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/3592 **Author:** [@quexten](https://github.com/quexten) **Created:** 6/17/2023 **Status:** ✅ Merged **Merged:** 8/13/2023 **Merged by:** [@BlackDex](https://github.com/BlackDex) **Base:** `main` ← **Head:** `feature/login-with-device` --- ### 📝 Commits (1) - [`8d7b3db`](https://github.com/dani-garcia/vaultwarden/commit/8d7b3db33d7e8a14c374b05fc567bcc70d2b018c) Implement login-with-device ### 📊 Changes **20 files changed** (+842 additions, -8 deletions) <details> <summary>View changed files</summary> ➕ `migrations/mysql/2023-06-17-200424_create_auth_requests_table/down.sql` (+0 -0) ➕ `migrations/mysql/2023-06-17-200424_create_auth_requests_table/up.sql` (+19 -0) ➕ `migrations/postgresql/2023-06-17-200424_create_auth_requests_table/down.sql` (+0 -0) ➕ `migrations/postgresql/2023-06-17-200424_create_auth_requests_table/up.sql` (+19 -0) ➕ `migrations/sqlite/2023-06-17-200424_create_auth_requests_table/down.sql` (+0 -0) ➕ `migrations/sqlite/2023-06-17-200424_create_auth_requests_table/up.sql` (+19 -0) 📝 `src/api/core/accounts.rs` (+217 -3) 📝 `src/api/core/mod.rs` (+1 -0) 📝 `src/api/identity.rs` (+23 -1) 📝 `src/api/mod.rs` (+2 -1) 📝 `src/api/notifications.rs` (+182 -2) 📝 `src/api/push.rs` (+37 -0) 📝 `src/config.rs` (+8 -0) ➕ `src/db/models/auth_request.rs` (+148 -0) 📝 `src/db/models/device.rs` (+88 -0) 📝 `src/db/models/mod.rs` (+3 -1) 📝 `src/db/schemas/mysql/schema.rs` (+22 -0) 📝 `src/db/schemas/postgresql/schema.rs` (+22 -0) 📝 `src/db/schemas/sqlite/schema.rs` (+22 -0) 📝 `src/main.rs` (+10 -0) </details> ### 📄 Description This is a **very WIP** pull-request for login-with-device. To run this, you need a new client version, for the web client this is 2023.06 (or latest master as of today) since login-with-device was disabled for self-hosted installations previously. Basic login-with-device on WebSocket clients (desktop/web/webextension) works, but there is still quite some work to be done. [Screencast from 2023-06-17 23-53-39.webm](https://github.com/dani-garcia/vaultwarden/assets/11866552/88a9360f-483a-4bcb-9e8f-58a264f2457e) This PR implements a few components to make the login-with-device work, each still partially incomplete. - A few new rocket endpoints for adding / updating requests (mostly done, some request validation / responses missing) - A new database table for keeping the auth_requests (only done for sqlite) - A new websocket endpoint for anonymous connections (needed for the login-with-device feature, this duplicates some code but I didn't know how to structure it better in this case) - Some changes to the password_login. To finish the login-with-device, a regular password-login request to '/identity/connect/token' is made, with an additional field in the body, "authRequest", this contains the UUID of the authrequest, the password is the authCode from the passwordless login-request instead of the actual masterpasswordhash. Aside from the points missing mentioned above, mobile push is not implemented yet, and a lot of code clean-up needs to be done. Feel free to comment general comments, keep in mind the PR is very WIP so a lot of parts are missing and there is a lot of clean-up to be done. I will squash the PR when it is done. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-03-07 21:08:30 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#6949
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?