starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-02-05 00:29:40 +03:00
Code Issues 19 Packages Projects Releases 10 Wiki Activity

Admin Panel #108

New Issue
Closed
opened 2026-02-04 17:00:26 +03:00 by OVERLORD · 9 comments
OVERLORD commented 2026-02-04 17:00:26 +03:00
Owner
Copy Link

Originally created by @joe217 on GitHub (Oct 6, 2018).

Hi,

Any thoughts on getting the admin panel working?

Usually accessible at my.bitwardendomain.com/admin?

Originally created by @joe217 on GitHub (Oct 6, 2018). Hi, Any thoughts on getting the admin panel working? Usually accessible at my.bitwardendomain.com/admin?
OVERLORD commented 2026-02-04 17:00:37 +03:00
Author
Owner
Copy Link

@fbartels commented on GitHub (Oct 6, 2018):

I think that has been previously discussed at https://github.com/dani-garcia/bitwarden_rs/issues/202

@fbartels commented on GitHub (Oct 6, 2018): I think that has been previously discussed at https://github.com/dani-garcia/bitwarden_rs/issues/202
OVERLORD commented 2026-02-04 17:00:45 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Oct 6, 2018):

Yeah, there actually isn't much we could use from upstream in this case and generally is too much work for little benefit. If there's something specific you'd like to do in it, it's usually easy enough to do directly with sqlite client on the db.

Feel free to ask if you want to do something specific.

I'm closing this as duplicate of #202

@mprasil commented on GitHub (Oct 6, 2018): Yeah, there actually isn't much we could use from upstream in this case and generally is too much work for little benefit. If there's something specific you'd like to do in it, it's usually easy enough to do directly with sqlite client on the db. Feel free to ask if you want to do something specific. I'm closing this as duplicate of #202
OVERLORD commented 2026-02-04 17:01:05 +03:00
Author
Owner
Copy Link

@joe217 commented on GitHub (Oct 9, 2018):

Thank you for the prompt response...and my apologies for missing the recent similar post.

Two quick follow-up quesitons:

  1. Isn't the database encrypted? How would I list the user names?
  2. If the user names are unencrypted, could you list a sample CLI command that I could use to list them? I tried doing some research on sqlite, but may be a bit above my head. A few simple commands may point me in the right direction for making the actual bash scripts...

Thanks!

@joe217 commented on GitHub (Oct 9, 2018): Thank you for the prompt response...and my apologies for missing the recent similar post. Two quick follow-up quesitons: 1. Isn't the database encrypted? How would I list the user names? 2. If the user names are unencrypted, could you list a sample CLI command that I could use to list them? I tried doing some research on sqlite, but may be a bit above my head. A few simple commands may point me in the right direction for making the actual bash scripts... Thanks!
OVERLORD commented 2026-02-04 17:01:21 +03:00
Author
Owner
Copy Link

@fbartels commented on GitHub (Oct 9, 2018):

@joe217 the linked ticket has this example: sqlite3 data/db.sqlite3 "select * from users;"

@fbartels commented on GitHub (Oct 9, 2018): @joe217 the linked ticket has this example: `sqlite3 data/db.sqlite3 "select * from users;"`
OVERLORD commented 2026-02-04 17:01:26 +03:00
Author
Owner
Copy Link

@joe217 commented on GitHub (Oct 9, 2018):

Ok. Thank you. Figured that out now. That produces mostly gibberish,
though. The username emails are in plaintext. How would I go about deleted
them?

Also, would working on the bw-data file be equivalent to working in the
actual container?

Thanks.

On Mon, Oct 8, 2018 at 10:09 PM Felix Bartels notifications@github.com
wrote:

@joe217 https://github.com/joe217 the linked ticket has this example: sqlite3
data/db.sqlite3 "select * from users;"


You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub
https://github.com/dani-garcia/bitwarden_rs/issues/212#issuecomment-428061662,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ASgEYWBwAOWKmalfsi4SBmaYD2ATjEWjks5ujC-cgaJpZM4XLe18
.

@joe217 commented on GitHub (Oct 9, 2018): Ok. Thank you. Figured that out now. That produces mostly gibberish, though. The username emails are in plaintext. How would I go about deleted them? Also, would working on the bw-data file be equivalent to working in the actual container? Thanks. On Mon, Oct 8, 2018 at 10:09 PM Felix Bartels <notifications@github.com> wrote: > @joe217 <https://github.com/joe217> the linked ticket has this example: sqlite3 > data/db.sqlite3 "select * from users;" > > — > You are receiving this because you were mentioned. > > > Reply to this email directly, view it on GitHub > <https://github.com/dani-garcia/bitwarden_rs/issues/212#issuecomment-428061662>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/ASgEYWBwAOWKmalfsi4SBmaYD2ATjEWjks5ujC-cgaJpZM4XLe18> > . >
OVERLORD commented 2026-02-04 17:01:31 +03:00
Author
Owner
Copy Link

@fbartels commented on GitHub (Oct 9, 2018):

You can find a comprehensive tutorial on sqlite at https://www.tutorialspoint.com/sqlite/

The reason for the "gibberish" is that it outputs all the data in the table. Looking at it a bit closer you the following probably give a more meaningful output sqlite3 data/db.sqlite3 "select uuid,email from users;"

In the end you probably want something like: sqlite3 data/db.sqlite3 "delete from user where email='bla@company';" (untested)

@fbartels commented on GitHub (Oct 9, 2018): You can find a comprehensive tutorial on sqlite at https://www.tutorialspoint.com/sqlite/ The reason for the "gibberish" is that it outputs all the data in the table. Looking at it a bit closer you the following probably give a more meaningful output `sqlite3 data/db.sqlite3 "select uuid,email from users;"` In the end you probably want something like: `sqlite3 data/db.sqlite3 "delete from user where email='bla@company';"` (untested)
OVERLORD commented 2026-02-04 17:01:46 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Oct 9, 2018):

Careful with the deletes though, the user has a lot of attached objects in the DB. The best thing to do would be to change his password to some string like "deactivated" or something like that. This will never match the hashed passphrase and will effectively disable the account.

@mprasil commented on GitHub (Oct 9, 2018): Careful with the deletes though, the user has a lot of attached objects in the DB. The best thing to do would be to change his password to some string like "deactivated" or something like that. This will never match the hashed passphrase and will effectively disable the account.
OVERLORD commented 2026-02-04 17:01:53 +03:00
Author
Owner
Copy Link

@joe217 commented on GitHub (Oct 11, 2018):

https://github.com/dani-garcia/bitwarden_rs/issues/212#issuecomment-428093496

`sqlite3 data/db.sqlite3 "select uuid,email from users;"

So the above does produce a very organized list of users. But best not to delete? If I want to change the password, how to do that? Can that same email ever be used again - after changing the password? I would suspect no?

@joe217 commented on GitHub (Oct 11, 2018): https://github.com/dani-garcia/bitwarden_rs/issues/212#issuecomment-428093496 `sqlite3 data/db.sqlite3 "select uuid,email from users;" So the above does produce a very organized list of users. But best not to delete? If I want to change the password, how to do that? Can that same email ever be used again - after changing the password? I would suspect no?
OVERLORD commented 2026-02-04 17:02:01 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Oct 11, 2018):

This should disable the user and free the email to be used again:

sqlite3 data/db.sqlite3 "update users set email='disabled1', key='', private_key='', public_key='' where email='old@mail';"

Note: the 'disabled1' value could be anything, I just used that to make sure it wouldn't clash with a real email address.

The email is used when calculating the password hash at login by the client, which means it couldn't be possible to login again after that command. The command also deletes the users encryption keys for good measure.

The problem with deleting users is that there isn't currently any method to delete all the data assotiated with them unless you can login as the user yourself (In which case you can use the web vault option).

@dani-garcia commented on GitHub (Oct 11, 2018): This should disable the user and free the email to be used again: ``` sqlite3 data/db.sqlite3 "update users set email='disabled1', key='', private_key='', public_key='' where email='old@mail';" ``` Note: the 'disabled1' value could be anything, I just used that to make sure it wouldn't clash with a real email address. The email is used when calculating the password hash at login by the client, which means it couldn't be possible to login again after that command. The command also deletes the users encryption keys for good measure. The problem with deleting users is that there isn't currently any method to delete all the data assotiated with them unless you can login as the user yourself (In which case you can use the web vault option).
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
troubleshooting
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#108
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?