bitwardentools
Admin page requests end in NotFounds (vaultwarden)
As the title mentions, any function that calls the `adminr` function always results in a 404 not found, as the request is not properly authenticated. The admin page on vaultwarden uses cookies to authenticate the admin, but the `adminr` function does not do so. I wrote a quick fix for this problem:
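```python
import requests

# Log in to the admin page with the admin token to obtain a session cookie.
res = requests.post(
    f'{self.server}/admin',
    # Pass a dict so requests URL-encodes special characters in the token.
    data={'token': admin_password},
    headers={
        "content-type": "application/x-www-form-urlencoded"
    },
    # The cookie is set on the login response itself, so do not follow the redirect.
    allow_redirects=False
)
# Reuse the issued cookie on subsequent admin requests.
headers = {
    'cookie': res.headers.get('set-cookie')
}
```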
We then need to pass these headers into the call.

One problem with this approach is timeouts: requesting too many tokens very quickly leads to a timeout, which I think can be fixed by only updating the cookie if the request is a 404 and then retrying the request.

Also, a small request: is it possible for me to submit this as a pull request in October? It will help me progress in Hacktoberfest.
Also while I'm at it, I think you could also add an `invite_user` method. It's a POST admin request at `/admin/invite` if you want to just invite them for account creation and a POST request at `/api/organizations/<org id>/users/invite` for invitation to a specific organization.
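The refresh-on-404 idea from the post above, as an added sketch that is not part of the thread or of bitwardentools: the cookie is cached and the admin token is only re-sent when a request comes back 404, with a single retry. `CookieAdminClient`, `FakeSession`, the `ADMIN` cookie name, the token and the server URL are all constructed for illustration; in real use `session` would be a `requests.Session()`.

```python
from types import SimpleNamespace

class CookieAdminClient:
    """Hypothetical helper: log in to /admin once, then reuse the session cookie."""
    def __init__(self, server, admin_token, session):
        self.server = server.rstrip("/")
        self.admin_token = admin_token
        self.session = session  # requests.Session() in real use
        self.logins = 0

    def _login(self):
        self.logins += 1
        res = self.session.post(f"{self.server}/admin",
                                data={"token": self.admin_token},
                                allow_redirects=False)
        if not self.session.cookies:  # no cookie issued: token rejected
            raise PermissionError(f"admin login failed (HTTP {res.status_code})")

    def request(self, method, path):
        if not self.session.cookies:
            self._login()
        url = f"{self.server}/admin{path}"
        res = self.session.request(method, url)
        if res.status_code == 404:  # the thread reports 404 when unauthenticated
            self.session.cookies.clear()
            self._login()  # refresh once, then retry once (no login loop)
            res = self.session.request(method, url)
        return res

class FakeSession:
    """Constructed stand-in for requests.Session plus a toy server (offline)."""
    def __init__(self, token):
        self.token, self.cookies, self.valid, self.n = token, {}, set(), 0

    def post(self, url, data=None, allow_redirects=True):
        if (data or {}).get("token") != self.token:
            return SimpleNamespace(status_code=401)
        self.n += 1
        self.cookies["ADMIN"] = f"sess-{self.n}"  # constructed cookie name
        self.valid.add(self.cookies["ADMIN"])
        return SimpleNamespace(status_code=303)

    def request(self, method, url, **kw):
        ok = self.cookies.get("ADMIN") in self.valid
        return SimpleNamespace(status_code=200 if ok else 404)

def demo():
    fake = FakeSession("constructed-token")
    client = CookieAdminClient("https://vault.example", "constructed-token", fake)
    first = client.request("POST", "/invite").status_code
    fake.valid.clear()  # simulate the server expiring the admin session
    second = client.request("POST", "/invite").status_code
    return first, second, client.logins
```

Because the retry is bounded to one, a path that genuinely does not exist costs one extra login rather than a login loop.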
Feel free to open a PR for both, but for part 1, I'm a bit surprised; basicauth is just working here to send requests to `/admin`. Are you really using vaultwarden, and which version?

For the invitation, I see you may not have noticed the `add_user_to_organization` method, which only covers the "org invite" part. So you can add another method to handle the "whole instance" invitation use case.
For the first bit, I'm using vaultwarden version `2022.6.2`. I did a bit of tinkering in DevTools which is how I found that it authenticates using cookies and not basicauth.

For the invite function, I didn't see the `add_user_to_organization` method in the documentation over here.
> I did a bit of tinkering in DevTools which is how I found that it authenticates using cookies and not basicauth

Normally both are supported.