An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)

Rename project to Rubywarden

"bitwarden-ruby" made it seem like a library and possibly associated
with the upstream Bitwarden projects.

+61 -57
+6 -5
AR-MIGRATE.md
··· 1 - ## bitwarden-ruby 1 + ## Rubywarden 2 2 3 - ### Migrating to ActiveRecord 3 + ### Migrating From `bitwarden-ruby` to Rubywarden and ActiveRecord 4 4 5 - If you've used this application before it switched to using ActiveRecord, you 6 - need to do the following steps to migrate the data and generate the new table 7 - structures. 5 + If you've used this application before it switched to using ActiveRecord 6 + (when it was called `bitwarden-ruby`), 7 + you need to do the following steps to migrate the data and generate the new 8 + table structures. 8 9 9 10 Even though the migration script will create a backup of your database, it is 10 11 probably best to create a backup yourself.
+34 -34
README.md
··· 2 2 [Bitwarden](https://bitwarden.com/) 3 3 project nor 8bit Solutions LLC.)* 4 4 5 - ## bitwarden-ruby 5 + ## Rubywarden 6 6 7 7 A small, self-contained API server written in Ruby and Sinatra to provide a 8 8 private backend for the open-source ··· 22 22 it is in the official Bitwarden backend, where the master password is never 23 23 known by the server. 24 24 For details on the format, consult the 25 - [documentation](https://github.com/jcs/bitwarden-ruby/blob/master/API.md). 25 + [documentation](https://github.com/jcs/rubywarden/blob/master/API.md). 26 26 27 27 ### API Documentation 28 28 29 29 This project also contains independent 30 - [documentation for Bitwarden's API](https://github.com/jcs/bitwarden-ruby/blob/master/API.md) 30 + [documentation for Bitwarden's API](https://github.com/jcs/rubywarden/blob/master/API.md) 31 31 written as I work on this server, since there doesn't seem to be any 32 32 documentation available other than the 33 33 [.NET Bitwarden code](https://github.com/bitwarden/core) ··· 38 38 Run `bundle install` at least once. 39 39 40 40 In order to create the initial environment, it is recommended to create a new, 41 - unprivileged user on your system dedicated to running bitwarden-ruby such as 41 + unprivileged user on your system dedicated to running Rubywarden such as 42 42 with `useradd`. 43 - This documentation will assume a user has been created named `_bitwarden`. 43 + This documentation will assume a user has been created named `_rubywarden`. 
44 44 45 45 In order to create the initial database and the required tables run: 46 46 47 47 mkdir db/production 48 - sudo chown _bitwarden db/production 49 - sudo -u _bitwarden env RACK_ENV=production bundle exec rake db:migrate 48 + sudo chown _rubywarden db/production 49 + sudo -u _rubywarden env RACK_ENV=production bundle exec rake db:migrate 50 50 51 - If you've previously used bitwarden-ruby before July 30, 2018, when it did not 52 - use ActiveRecord, you should instead 51 + If you've previously used Rubywarden before July 30, 2018 when it was called 52 + `bitwarden-ruby`, when it did not use ActiveRecord, you should instead 53 53 [migrate](AR-MIGRATE.md) 54 54 your existing database. 55 55 56 - To run via Rack on port 4567, as user `_bitwarden`: 56 + To run via Rack on port 4567, as user `_rubywarden`: 57 57 58 - sudo -u _bitwarden env RACK_ENV=production bundle exec rackup -p 4567 config.ru 58 + sudo -u _rubywarden env RACK_ENV=production bundle exec rackup -p 4567 config.ru 59 59 60 60 You'll probably want to run it once with signups enabled, to allow yourself 61 61 to create an account: 62 62 63 - sudo -u _bitwarden env RACK_ENV=production ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru 63 + sudo -u _rubywarden env RACK_ENV=production ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru 64 64 65 65 Once the server is running, the Bitwarden apps (such as the Firefox extension) 66 66 can be configured to use your own Bitwarden server before login. ··· 76 76 requires interacting with the plaintext password, which the web API will never 77 77 do). 
78 78 79 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/change_master_password.rb -u you@example.com 79 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/change_master_password.rb -u you@example.com 80 80 81 81 ### 2-Factor Authentication 82 82 ··· 86 86 signed up in the previous steps, run the `tools/activate_totp.rb` program on 87 87 the server: 88 88 89 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/activate_totp.rb -u you@example.com 89 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/activate_totp.rb -u you@example.com 90 90 91 91 You'll be shown a `data:` URL that has a PNG-encoded QR code, which you must 92 92 copy and paste into a browser, then scan with your mobile TOTP authenticator ··· 108 108 Export everything from 1Password in its "1Password Interchange Format". 109 109 It should create a directory with a `data.1pif` file (which is unencrypted, so 110 110 be careful with it). 111 - Once you have created your initial user account through `bitwarden-ruby`, run 112 - the conversion tool with your account e-mail address: 111 + Once you have created your initial user account through Rubywarden, run the 112 + conversion tool with your account e-mail address: 113 113 114 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/1password_import.rb -f /path/to/data.1pif -u you@example.com 114 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/1password_import.rb -f /path/to/data.1pif -u you@example.com 115 115 116 116 It will prompt you for the master password you already created, and then 117 117 convert and import as many items as it can. ··· 127 127 and any custom fields will lose their type (text, hidden, or boolean) and be 128 128 simply exported as text. 
129 129 130 - Once you have created your initial user account through `bitwarden-ruby`, run 131 - the conversion tool with your account e-mail address: 130 + Once you have created your initial user account through Rubywarden, run the 131 + conversion tool with your account e-mail address: 132 132 133 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/bitwarden_import.rb -f /path/to/data.csv -u you@example.com 133 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/bitwarden_import.rb -f /path/to/data.csv -u you@example.com 134 134 135 135 It will prompt you for the master password you already created, and then 136 136 convert and import as many items as it can. ··· 138 138 This tool operates on the SQLite database directly (not through its REST API) 139 139 so you can run it offline. 140 140 141 - ### Keepass 141 + #### Keepass 142 142 143 143 In order to use the Keepass converter, you will need to install the necessary 144 144 dependency, using `bundle install --with keepass`. 145 145 146 146 There is no need to export your Keepass-database - you can use it as is. 
147 147 148 - Once you have created your initial user account through `bitwarden-ruby`, run 149 - the conversion tool with your account e-mail address: 148 + Once you have created your initial user account through Rubywarden, run the 149 + conversion tool with your account e-mail address: 150 150 151 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -u you@example.com 151 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -u you@example.com 152 152 153 153 If your Keepass-database is secured using a keyfile, you can pass it using the `-k` parameter: 154 154 155 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -k /path/to/keyfile.key -u you@example.com 155 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/keepass_import.rb -f /path/to/data.kdbx -k /path/to/keyfile.key -u you@example.com 156 156 157 157 It will prompt you for the master password you already created, and then 158 158 convert and import as many items as it can. ··· 163 163 #### Lastpass 164 164 165 165 Export everything from LastPass by going to your vault, "More Options", 166 - "Advanced" and then "Export". It will then export your details in a new browser 167 - window in CSV format, copy and paste this data into a file accessible from your 168 - bitwarden-ruby installation. Unfortunately due to limitations in LastPass 169 - export the "extra fields" and "attachments" data in the LastPass vault will not 170 - be converted. 166 + "Advanced" and then "Export". 167 + It will then export your details in a new browser window in CSV format, copy 168 + and paste this data into a file accessible from your Rubywarden installation. 169 + Unfortunately due to limitations in LastPass export the "extra fields" and 170 + "attachments" data in the LastPass vault will not be converted. 
171 171 172 - Once you have created your initial user account through `bitwarden-ruby`, run 173 - the conversion tool with your account e-mail address: 172 + Once you have created your initial user account through Rubywarden, run the 173 + conversion tool with your account e-mail address: 174 174 175 - sudo -u _bitwarden env RACK_ENV=production bundle exec ruby tools/lastpass_import.rb -f /path/to/data.csv -u you@example.com 175 + sudo -u _rubywarden env RACK_ENV=production bundle exec ruby tools/lastpass_import.rb -f /path/to/data.csv -u you@example.com 176 176 177 177 It will prompt you for the master password you already created, and then 178 178 convert and import as many items as it can. ··· 180 180 This tool operates on the SQLite database directly (not through its REST API) 181 181 so you can run it offline. 182 182 183 - ### License 183 + ### Rubywarden License 184 184 185 185 Copyright (c) 2017-2018 joshua stein `<jcs@jcs.org>` 186 186
+2 -2
config.ru
··· 14 14 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 15 # 16 16 17 - require File.dirname(__FILE__) + "/lib/bitwarden_ruby.rb" 17 + require File.dirname(__FILE__) + "/lib/rubywarden.rb" 18 18 require "#{APP_ROOT}/lib/app.rb" 19 19 20 - run BitwardenRuby::App 20 + run Rubywarden::App
+5 -5
lib/app.rb
··· 23 23 require_relative 'routes/icons' 24 24 require_relative 'routes/identity' 25 25 26 - module BitwardenRuby 26 + module Rubywarden 27 27 class App < Sinatra::Base 28 28 register Sinatra::Namespace 29 29 register Sinatra::ActiveRecordExtension ··· 35 35 enable :logging 36 36 end 37 37 38 - helpers BitwardenRuby::RequestHelpers 38 + helpers Rubywarden::RequestHelpers 39 39 40 40 before do 41 41 if request.content_type.to_s.match(/\Aapplication\/json(;|\z)/) ··· 55 55 content_type :json 56 56 end 57 57 58 - register BitwardenRuby::Routing::Api 59 - register BitwardenRuby::Routing::Icons 60 - register BitwardenRuby::Routing::Identity 58 + register Rubywarden::Routing::Api 59 + register Rubywarden::Routing::Icons 60 + register Rubywarden::Routing::Identity 61 61 end 62 62 end
+4 -1
lib/bitwarden.rb
··· 170 170 171 171 class Token 172 172 class << self 173 - KEY = "#{APP_ROOT}/db/production/jwt-rsa.key" 173 + KEY = "#{APP_ROOT}/db/#{RACK_ENV}/jwt-rsa.key" 174 174 175 175 attr_reader :rsa 176 176 ··· 181 181 else 182 182 @rsa = OpenSSL::PKey::RSA.generate 2048 183 183 184 + if !Dir.exists?(File.dirname(KEY)) 185 + Dir.mkdir(File.dirname(KEY)) 186 + end 184 187 f = File.new(KEY, File::CREAT|File::TRUNC|File::RDWR, 0600) 185 188 f.write @rsa.to_pem 186 189 f.write @rsa.public_key.to_pem
lib/bitwarden_ruby.rb lib/rubywarden.rb
+2 -2
lib/helpers/request_helpers.rb
··· 14 14 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 15 # 16 16 17 - module BitwardenRuby 17 + module Rubywarden 18 18 module RequestHelpers 19 19 def device_from_bearer 20 20 if m = request.env["HTTP_AUTHORIZATION"].to_s.match(/^Bearer (.+)/) ··· 46 46 }.to_json ] 47 47 end 48 48 end 49 - end 49 + end
+2 -2
lib/routes/api.rb
··· 14 14 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 15 # 16 16 17 - module BitwardenRuby 17 + module Rubywarden 18 18 module Routing 19 19 module Api 20 20 def self.registered(app) ··· 323 323 end 324 324 end 325 325 end 326 - end 326 + end
+2 -2
lib/routes/icons.rb
··· 14 14 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 15 # 16 16 17 - module BitwardenRuby 17 + module Rubywarden 18 18 module Routing 19 19 module Icons 20 20 def self.registered(app) ··· 28 28 end 29 29 end 30 30 end 31 - end 31 + end
+2 -2
lib/routes/identity.rb
··· 14 14 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 15 # 16 16 17 - module BitwardenRuby 17 + module Rubywarden 18 18 module Routing 19 19 module Identity 20 20 def self.registered(app) ··· 118 118 end 119 119 end 120 120 end 121 - end 121 + end
+2 -2
spec/spec_helper.rb
··· 11 11 # most tests require this to be on 12 12 ALLOW_SIGNUPS = true 13 13 14 - require File.realpath(File.dirname(__FILE__) + "/../lib/bitwarden_ruby.rb") 14 + require File.realpath(File.dirname(__FILE__) + "/../lib/rubywarden.rb") 15 15 require "#{APP_ROOT}/lib/app.rb" 16 16 17 17 #load 'db/schema.rb' ··· 47 47 end 48 48 49 49 def app 50 - BitwardenRuby::App 50 + Rubywarden::App 51 51 end
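Review bot: In README.md, the service account is renamed from `_bitwarden` to `_rubywarden` in every command, but nothing tells an existing installation what to do about files already owned by the old account. Someone upgrading who copies the new `sudo -u _rubywarden ... rackup` line will be running as a user that does not own `db/production`, and the only `chown _rubywarden db/production` shown sits in the first-time setup steps. Suggest adding a sentence to README.md or AR-MIGRATE.md saying that upgraders should either keep running as their existing user or re-own the database directory and its contents to the new one. Separately, "before July 30, 2018 when it was called `bitwarden-ruby`, when it did not use ActiveRecord" stacks two "when" clauses and would read better split.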
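Review bot: In lib/bitwarden.rb, the added `Dir.mkdir(File.dirname(KEY))` creates the directory that holds the JWT signing key with default, umask-dependent permissions, while the key file itself is opened with mode 0600 two lines later. Passing an explicit mode, as in `Dir.mkdir(File.dirname(KEY), 0700)`, would keep the directory consistent with the file. `Dir.exists?` is a deprecated alias that was removed in Ruby 3.2, so `Dir.exist?` is the safer spelling. Changing `KEY` from `db/production` to `db/#{RACK_ENV}` is also a behaviour change inside a rename commit: an instance started with any other `RACK_ENV` will no longer find the key at the old path and will fall into the `else` branch that generates a new one. That deserves a line in the commit message or its own commit.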
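Review bot: The closing `- end` / `+ end` pairs at the bottom of lib/helpers/request_helpers.rb, lib/routes/api.rb, lib/routes/icons.rb and lib/routes/identity.rb change no visible text, so they look like end-of-file newline or whitespace edits picked up along with the module rename. If they are intentional, apply the same treatment to every file in the tree for consistency; if they are an editor side effect, drop them so the rename diff stays limited to the identifiers.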