feat: add emergency access and WebAuthn handlers with stub implementations

This commit is contained in:
qaz741wsd856 2025-11-30 09:24:19 +00:00
parent 43ccd71504
commit 682e372752
4 changed files with 67 additions and 3 deletions

View file

@ -0,0 +1,32 @@
use axum::Json;
use serde_json::{json, Value};
/// GET /emergency-access/trusted
///
/// Returns the list of trusted emergency access contacts (grantees) for the current user.
/// This is a stub implementation that always returns an empty list since emergency access
/// is not supported in this minimal Bitwarden-compatible implementation.
///
/// In vaultwarden, when `emergency_access_allowed` is disabled, it returns an empty list.
/// We follow the same pattern here.
#[worker::send]
pub async fn get_trusted_contacts() -> Json<Value> {
Json(json!({
"data": [],
"object": "list",
"continuationToken": null
}))
}
/// GET /emergency-access/granted
///
/// Returns the list of emergency access grants where the current user is a grantee.
/// This is a stub implementation that always returns an empty list.
#[worker::send]
pub async fn get_granted_access() -> Json<Value> {
Json(json!({
"data": [],
"object": "list",
"continuationToken": null
}))
}

View file

@ -1,11 +1,13 @@
pub mod accounts;
pub mod ciphers;
pub mod config;
pub mod identity;
pub mod sync;
pub mod emergency_access;
pub mod folders;
pub mod identity;
pub mod import;
pub mod purge;
pub mod sync;
pub mod webauth;
/// Shared helper for reading an environment variable into usize.
pub(crate) fn get_env_usize(env: &worker::Env, var_name: &str, default: usize) -> usize {

16
src/handlers/webauth.rs Normal file
View file

@ -0,0 +1,16 @@
use axum::Json;
use serde_json::{json, Value};
/// GET /webauthn
///
/// Returns an empty list of WebAuthn credentials.
/// This prevents 404 errors and key-rotation issues when passkey login is enabled.
/// Vaultwarden does not yet support passkey login, so we return an empty list.
#[worker::send]
pub async fn get_webauthn_credentials() -> Json<Value> {
Json(json!({
"object": "list",
"data": [],
"continuationToken": null
}))
}

View file

@ -5,7 +5,7 @@ use axum::{
use std::sync::Arc;
use worker::Env;
use crate::handlers::{accounts, ciphers, config, folders, identity, import, sync};
use crate::handlers::{accounts, ciphers, config, emergency_access, folders, identity, import, sync, webauth};
pub fn api_router(env: Env) -> Router {
let app_state = Arc::new(env);
@ -69,5 +69,19 @@ pub fn api_router(env: Env) -> Router {
.route("/api/folders/{id}", put(folders::update_folder))
.route("/api/folders/{id}", delete(folders::delete_folder))
.route("/api/config", get(config::config))
// Emergency access (stub - returns empty lists, feature not supported)
.route(
"/api/emergency-access/trusted",
get(emergency_access::get_trusted_contacts),
)
.route(
"/api/emergency-access/granted",
get(emergency_access::get_granted_access),
)
// WebAuthn (stub - prevents 404 errors, passkeys not supported)
.route(
"/api/webauthn",
get(webauth::get_webauthn_credentials),
)
.with_state(app_state)
}