github/vaultwarden
1
1
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-01-09 19:17:59 -05:00
Code Issues 13 Packages Projects Releases Wiki Activity

Add new accountKeys and masterPasswordUnlock fields (#6572)

Browse Source 
* Add new accountKeys and masterPasswordUnlock fields

* Fmt
This commit is contained in:
Daniel García
2025-12-19 13:34:43 +01:00
committed by GitHub
parent 2c73c6c2f2
commit 061d320c7f
2 changed files with 30 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/api/core/mod.rs
View File

@@ -217,7 +217,8 @@ fn config() -> Json<Value> {
// We should make sure that we keep this updated when we support the new server features // We should make sure that we keep this updated when we support the new server features
// Version history: // Version history:
// - Individual cipher key encryption: 2024.2.0 // - Individual cipher key encryption: 2024.2.0
"version": "2025.6.0", // - Mobile app support for MasterPasswordUnlockData: 2025.8.0
"version": "2025.12.0",
"gitHash": option_env!("GIT_REV"), "gitHash": option_env!("GIT_REV"),
"server": { "server": {
"name": "Vaultwarden", "name": "Vaultwarden",

29
src/api/identity.rs
View File

@@ -463,6 +463,31 @@ async fn authenticated_response(
let master_password_policy = master_password_policy(user, conn).await; let master_password_policy = master_password_policy(user, conn).await;
let has_master_password = !user.password_hash.is_empty();
let master_password_unlock = if has_master_password {
json!({
"Kdf": {
"KdfType": user.client_kdf_type,
"Iterations": user.client_kdf_iter,
"Memory": user.client_kdf_memory,
"Parallelism": user.client_kdf_parallelism
},
"MasterKeyEncryptedUserKey": user.akey,
"Salt": user.email
})
} else {
Value::Null
};
let account_keys = json!({
"publicKeyEncryptionKeyPair": {
"wrappedPrivateKey": user.private_key,
"publicKey": user.public_key,
"Object": "publicKeyEncryptionKeyPair"
},
"Object": "privateKeys"
});
let mut result = json!({ let mut result = json!({
"access_token": auth_tokens.access_token(), "access_token": auth_tokens.access_token(),
"expires_in": auth_tokens.expires_in(), "expires_in": auth_tokens.expires_in(),
@@ -477,8 +502,10 @@ async fn authenticated_response(
"ForcePasswordReset": false, "ForcePasswordReset": false,
"MasterPasswordPolicy": master_password_policy, "MasterPasswordPolicy": master_password_policy,
"scope": auth_tokens.scope(), "scope": auth_tokens.scope(),
"AccountKeys": account_keys,
"UserDecryptionOptions": { "UserDecryptionOptions": {
"HasMasterPassword": !user.password_hash.is_empty(), "HasMasterPassword": has_master_password,
"MasterPasswordUnlock": master_password_unlock,
"Object": "userDecryptionOptions" "Object": "userDecryptionOptions"
}, },
}); });