version bump - 1.4.0

.gitignore

@@ -0,0 +1,202 @@
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+
+# User-specific files
+*.suo
+*.user
+*.userosscache
+*.sln.docstates
+
+# User-specific files (MonoDevelop/Xamarin Studio)
+*.userprefs
+
+# Build results
+[Dd]ebug/
+[Dd]ebugPublic/
+[Rr]elease/
+[Rr]eleases/
+x64/
+x86/
+build/
+bld/
+[Bb]in/
+[Oo]bj/
+
+# Visual Studo 2015 cache/options directory
+.vs/
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+# NUNIT
+*.VisualState.xml
+TestResult.xml
+
+# Build Results of an ATL Project
+[Dd]ebugPS/
+[Rr]eleasePS/
+dlldata.c
+
+*_i.c
+*_p.c
+*_i.h
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.svclog
+*.scc
+
+# Chutzpah Test files
+_Chutzpah*
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+*.cachefile
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+
+# TFS 2012 Local Workspace
+$tf/
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+*.DotSettings.user
+
+# JustCode is a .NET coding addin-in
+.JustCode
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# NCrunch
+_NCrunch_*
+.*crunch*.local.xml
+
+# MightyMoose
+*.mm.*
+AutoTest.Net/
+
+# Web workbench (sass)
+.sass-cache/
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.[Pp]ublish.xml
+*.azurePubxml
+# TODO: Comment the next line if you want to checkin your web deploy settings 
+# but database connection strings (with potential passwords) will be unencrypted
+*.pubxml
+*.publishproj
+
+# NuGet Packages
+*.nupkg
+# The packages folder can be ignored because of Package Restore
+**/packages/*
+# except build/, which is used as an MSBuild target.
+!**/packages/build/
+# Uncomment if necessary however generally it will be regenerated when needed
+#!**/packages/repositories.config
+
+# Windows Azure Build Output
+csx/
+*.build.csdef
+
+# Windows Store app package directory
+AppPackages/
+
+# Others
+*.[Cc]ache
+ClientBin/
+[Ss]tyle[Cc]op.*
+~$*
+*~
+*.dbmdl
+*.dbproj.schemaview
+*.pfx
+*.publishsettings
+node_modules/
+bower_components/
+lib/
+css/
+dist/
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file
+# to a newer Visual Studio version. Backup files are not needed,
+# because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# SQL Server files
+*.mdf
+*.ldf
+
+# Business Intelligence projects
+*.rdl.data
+*.bim.layout
+*.bim_*.settings
+
+# Microsoft Fakes
+FakesAssemblies/
+
+# Node.js Tools for Visual Studio
+.ntvs_analysis.dat
+
+# Visual Studio 6 build log
+*.plg
+
+# Visual Studio 6 workspace options file
+*.opt
+
+# Other
+project.lock.json

LICENSE.txt

@@ -0,0 +1,674 @@
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.  We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors.  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights.  Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received.  You must make sure that they, too, receive
+or can get the source code.  And you must show them these terms so they
+know their rights.
+
+  Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+  For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software.  For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+  Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so.  This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software.  The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable.  Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products.  If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+  Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary.  To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Use with the GNU Affero General Public License.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    {one line to give the program's name and a brief idea of what it does.}
+    Copyright (C) {year}  {name of author}
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+    {project}  Copyright (C) {year}  {fullname}
+    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+<http://www.gnu.org/licenses/>.
+
+  The GNU General Public License does not permit incorporating your program
+into proprietary programs.  If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.  But first, please read
+<http://www.gnu.org/philosophy/why-not-lgpl.html>.

NuGet.Config

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <packageSources>
+        <!--To inherit the global NuGet package sources remove the <clear/> line below -->
+        <clear />
+        <add key="api.nuget.org" value="https://api.nuget.org/v3/index.json" />
+    </packageSources>
+</configuration>

README.md

@@ -0,0 +1,11 @@
+[![Join the chat at https://gitter.im/bitwarden/Lobby](https://badges.gitter.im/bitwarden/Lobby.svg)](https://gitter.im/bitwarden/Lobby)
+
+# bitwarden Web
+
+The bitwarden Web project is an AngularJS application that powers the web vault (https://vault.bitwarden.com/).
+
+# Contribute
+
+Code contributions are welcome! Please commit any pull requests against the `master` branch.
+
+Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature.

bitwarden-web.sln

@@ -0,0 +1,36 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 14
+VisualStudioVersion = 14.0.25420.1
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{860863C9-0436-43D4-840D-FE919C9F6FFC}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{14FE7221-D377-4AD5-9A9E-4541577CF05A}"
+	ProjectSection(SolutionItems) = preProject
+		.gitignore = .gitignore
+		CNAME = CNAME
+		global.json = global.json
+		NuGet.Config = NuGet.Config
+		README.md = README.md
+	EndProjectSection
+EndProject
+Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Web", "src\Web\Web.xproj", "{0BEBF47C-BA0B-48AC-B48C-718F94084AD5}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{0BEBF47C-BA0B-48AC-B48C-718F94084AD5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{0BEBF47C-BA0B-48AC-B48C-718F94084AD5}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{0BEBF47C-BA0B-48AC-B48C-718F94084AD5}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{0BEBF47C-BA0B-48AC-B48C-718F94084AD5}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{0BEBF47C-BA0B-48AC-B48C-718F94084AD5} = {860863C9-0436-43D4-840D-FE919C9F6FFC}
+	EndGlobalSection
+EndGlobal

global.json

@@ -0,0 +1,6 @@
+{
+  "projects": [ "src", "test" ],
+  "sdk": {
+    "version": "1.0.0-preview2-003121"
+  }
+}

src/Web/Program.cs

@@ -0,0 +1,20 @@
+using System.IO;
+using Microsoft.AspNetCore.Hosting;
+
+namespace Bit.Web
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            var host = new WebHostBuilder()
+                .UseKestrel()
+                .UseContentRoot(Directory.GetCurrentDirectory())
+                .UseIISIntegration()
+                .UseStartup<Startup>()
+                .Build();
+
+            host.Run();
+        }
+    }
+}

src/Web/Properties/AssemblyInfo.cs

@@ -0,0 +1,23 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("Bit.Web")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("bitwarden Web")]
+[assembly: AssemblyProduct("bitwarden Web")]
+[assembly: AssemblyCopyright("Copyright © 2016")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components.  If you need to access a type in this assembly from
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("0bebf47c-ba0b-48ac-b48c-718f94084ad5")]

src/Web/Properties/launchSettings.json

@@ -0,0 +1,27 @@
+{
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:4001/",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "Web": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "launchUrl": "http://localhost:5001",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

src/Web/Startup.cs

@@ -0,0 +1,16 @@
+using System;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Bit.Web
+{
+    public class Startup
+    {
+        public void ConfigureServices(IServiceCollection services) { }
+
+        public void Configure(IApplicationBuilder app)
+        {
+            app.UseFileServer();
+        }
+    }
+}

src/Web/Web.xproj

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.Props" Condition="'$(VSToolsPath)' != ''" />
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>0bebf47c-ba0b-48ac-b48c-718f94084ad5</ProjectGuid>
+    <RootNamespace>Bit.Vault</RootNamespace>
+    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">.\obj</BaseIntermediateOutputPath>
+    <OutputPath Condition="'$(OutputPath)'=='' ">.\bin\</OutputPath>
+    <TargetFrameworkVersion>v4.6</TargetFrameworkVersion>
+  </PropertyGroup>
+  <PropertyGroup>
+    <SchemaVersion>2.0</SchemaVersion>
+    <DevelopmentServerPort>4001</DevelopmentServerPort>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DotNet.Web\Microsoft.DotNet.Web.targets" Condition="'$(VSToolsPath)' != ''" />
+</Project>

src/Web/gulpfile.js

@@ -0,0 +1,326 @@
+/// <binding BeforeBuild='build, dist' Clean='clean' ProjectOpened='build. dist' />
+
+var gulp = require('gulp'),
+    rimraf = require('rimraf'),
+    concat = require('gulp-concat'),
+    rename = require('gulp-rename'),
+    cssmin = require('gulp-cssmin'),
+    uglify = require('gulp-uglify'),
+    ghPages = require('gulp-gh-pages'),
+    less = require('gulp-less'),
+    ngAnnotate = require('gulp-ng-annotate'),
+    preprocess = require('gulp-preprocess'),
+    runSequence = require('run-sequence'),
+    merge = require('merge-stream'),
+    ngConfig = require('gulp-ng-config'),
+    settings = require('./settings.json'),
+    project = require('./project.json'),
+    jshint = require('gulp-jshint'),
+    _ = require('lodash');
+
+var paths = {};
+paths.dist = '../../dist/';
+paths.webroot = './wwwroot/'
+paths.js = paths.webroot + 'js/**/*.js';
+paths.minJs = paths.webroot + 'js/**/*.min.js';
+paths.concatJsDest = paths.webroot + 'js/bw.min.js';
+paths.libDir = paths.webroot + 'lib/';
+paths.npmDir = 'node_modules/';
+paths.lessDir = 'less/';
+paths.cssDir = paths.webroot + 'css/';
+paths.jsDir = paths.webroot + 'js/';
+
+var randomString = Math.random().toString(36).substring(7);
+
+gulp.task('lint', function () {
+    return gulp.src(paths.webroot + 'app/**/*.js')
+        .pipe(jshint())
+        .pipe(jshint.reporter('default'));
+});
+
+gulp.task('build', function (cb) {
+    return runSequence(
+        'clean',
+        ['lib', 'less', 'settings', 'lint'],
+        cb);
+});
+
+gulp.task('clean:js', function (cb) {
+    return rimraf(paths.concatJsDest, cb);
+});
+
+gulp.task('clean:css', function (cb) {
+    return rimraf(paths.cssDir, cb);
+});
+
+gulp.task('clean:lib', function (cb) {
+    return rimraf(paths.libDir, cb);
+});
+
+gulp.task('clean', ['clean:js', 'clean:css', 'clean:lib', 'dist:clean']);
+
+gulp.task('min:js', ['clean:js'], function () {
+    return gulp.src([paths.js, '!' + paths.minJs], { base: '.' })
+        .pipe(concat(paths.concatJsDest))
+        .pipe(uglify())
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('min:css', [], function () {
+    return gulp.src([paths.cssDir + '**/*.css', '!' + paths.cssDir + '**/*.min.css'], { base: '.' })
+        .pipe(cssmin())
+        .pipe(rename({ suffix: '.min' }))
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('min', ['min:js', 'min:css']);
+
+gulp.task('lib', ['clean:lib'], function () {
+    var libs = [
+        {
+            src: [
+                paths.npmDir + 'bootstrap/dist/**/*',
+                '!' + paths.npmDir + 'bootstrap/dist/**/npm.js',
+                '!' + paths.npmDir + 'bootstrap/dist/**/css/*theme*'
+            ],
+            dest: paths.libDir + 'bootstrap'
+        },
+        {
+            src: paths.npmDir + 'font-awesome/css/*',
+            dest: paths.libDir + 'font-awesome/css'
+        },
+        {
+            src: paths.npmDir + 'font-awesome/fonts/*',
+            dest: paths.libDir + 'font-awesome/fonts'
+        },
+        {
+            src: paths.npmDir + 'jquery/dist/*.js',
+            dest: paths.libDir + 'jquery'
+        },
+        {
+            src: paths.npmDir + 'admin-lte/dist/js/app*.js',
+            dest: paths.libDir + 'admin-lte/js'
+        },
+        {
+            src: paths.npmDir + 'angular/angular*.js',
+            dest: paths.libDir + 'angular'
+        },
+        {
+            src: paths.npmDir + 'angular-bootstrap-npm/dist/*tpls*.js',
+            dest: paths.libDir + 'angular-bootstrap'
+        },
+        {
+            src: paths.npmDir + 'angular-bootstrap-show-errors/src/*.js',
+            dest: paths.libDir + 'angular-bootstrap-show-errors'
+        },
+        {
+            src: paths.npmDir + 'angular-cookies/*cookies*.js',
+            dest: paths.libDir + 'angular-cookies'
+        },
+        {
+            src: paths.npmDir + 'angular-jwt/dist/*.js',
+            dest: paths.libDir + 'angular-jwt'
+        },
+        {
+            src: paths.npmDir + 'angular-md5/angular-md5*.js',
+            dest: paths.libDir + 'angular-md5'
+        },
+        {
+            src: paths.npmDir + 'angular-resource/*resource*.js',
+            dest: paths.libDir + 'angular-resource'
+        },
+        {
+            src: [paths.npmDir + 'angular-toastr/dist/**/*.css', paths.npmDir + 'angular-toastr/dist/**/*.js'],
+            dest: paths.libDir + 'angular-toastr'
+        },
+        {
+            src: paths.npmDir + 'angular-ui-router/release/*.js',
+            dest: paths.libDir + 'angular-ui-router'
+        },
+        {
+            src: paths.npmDir + 'angular-messages/*messages*.js',
+            dest: paths.libDir + 'angular-messages'
+        },
+        {
+            src: [paths.npmDir + 'sjcl/core/cbc.js', paths.npmDir + 'sjcl/core/bitArray.js', paths.npmDir + 'sjcl/sjcl.js'],
+            dest: paths.libDir + 'sjcl'
+        },
+        {
+            src: paths.npmDir + 'ngstorage/*.js',
+            dest: paths.libDir + 'ngstorage'
+        },
+        {
+            src: paths.npmDir + 'papaparse/papaparse*.js',
+            dest: paths.libDir + 'papaparse'
+        },
+        {
+            src: paths.npmDir + 'ngclipboard/dist/ngclipboard*.js',
+            dest: paths.libDir + 'ngclipboard'
+        },
+        {
+            src: paths.npmDir + 'clipboard/dist/clipboard*.js',
+            dest: paths.libDir + 'clipboard'
+        },
+        {
+            src: [
+                paths.npmDir + 'angulartics-google-analytics/lib/angulartics*.js',
+                paths.npmDir + 'angulartics/src/angulartics.js'
+            ],
+            dest: paths.libDir + 'angulartics'
+        }
+    ];
+
+    var tasks = libs.map(function (lib) {
+        return gulp.src(lib.src).pipe(gulp.dest(lib.dest));
+    });
+
+    return merge(tasks);
+});
+
+gulp.task('settings', function () {
+    return config()
+        .pipe(gulp.dest(paths.webroot + 'app'));
+});
+
+function config() {
+    return gulp.src('./settings.json')
+        .pipe(ngConfig('bit', {
+            createModule: false,
+            constants: _.merge({}, {
+                appSettings: {
+                    version: project.version,
+                    environment: project.environment
+                }
+            }, require('./settings.' + project.environment + '.json') || {})
+        }));
+}
+
+gulp.task('less', function () {
+    return gulp.src(paths.lessDir + 'vault.less')
+        .pipe(less())
+        .pipe(gulp.dest(paths.cssDir));
+});
+
+gulp.task('watch', function () {
+    gulp.watch(paths.lessDir + '*.less', ['less']);
+    gulp.watch('./settings*.json', ['settings']);
+});
+
+gulp.task('dist:clean', function (cb) {
+    return rimraf(paths.dist, cb);
+});
+
+gulp.task('dist:move', function () {
+    var moves = [
+        {
+            src: '../../CNAME',
+            dest: paths.dist
+        },
+        {
+            src: [
+                paths.npmDir + 'bootstrap/dist/**/bootstrap.min.js',
+                paths.npmDir + 'bootstrap/dist/**/bootstrap.min.css',
+                paths.npmDir + 'bootstrap/dist/**/fonts/**/*',
+            ],
+            dest: paths.dist + 'lib/bootstrap'
+        },
+        {
+            src: [
+                paths.npmDir + 'font-awesome/**/font-awesome.min.css',
+                paths.npmDir + 'font-awesome/**/fonts/**/*'
+            ],
+            dest: paths.dist + 'lib/font-awesome'
+        },
+        {
+            src: paths.npmDir + 'jquery/dist/jquery.min.js',
+            dest: paths.dist + 'lib/jquery'
+        },
+        {
+            src: paths.npmDir + 'angular/angular.min.js',
+            dest: paths.dist + 'lib/angular'
+        },
+        {
+            src: [
+                paths.webroot + '**/app/**/*.html',
+                paths.webroot + '**/images/**/*',
+                paths.webroot + 'index.html',
+                paths.webroot + 'favicon.ico'
+            ],
+            dest: paths.dist
+        }
+    ];
+
+    var tasks = moves.map(function (move) {
+        return gulp.src(move.src).pipe(gulp.dest(move.dest));
+    });
+
+    return merge(tasks);
+});
+
+gulp.task('dist:css', function () {
+    return gulp
+        .src([
+            paths.cssDir + '**/*.css',
+            '!' + paths.cssDir + '**/*.min.css'
+        ])
+        .pipe(preprocess({ context: { cacheTag: randomString } }))
+        .pipe(cssmin())
+        .pipe(rename({ suffix: '.min' }))
+        .pipe(gulp.dest(paths.dist + 'css'));
+});
+
+gulp.task('dist:js:app', function () {
+    var mainStream = gulp
+        .src([
+            paths.webroot + 'app/app.js',
+            '!' + paths.webroot + 'app/settings.js',
+            paths.webroot + 'app/**/*Module.js',
+            paths.webroot + 'app/**/*.js'
+        ]);
+
+    merge(mainStream, config())
+        .pipe(preprocess({ context: { cacheTag: randomString } }))
+        .pipe(concat(paths.dist + '/js/app.min.js'))
+        .pipe(ngAnnotate())
+        .pipe(uglify())
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('dist:js:lib', function () {
+    return gulp
+        .src([
+            paths.libDir + 'sjcl/sjcl.js',
+            paths.libDir + 'sjcl/*.js',
+            paths.libDir + 'angulartics/angulartics.js',
+            paths.libDir + '**/*.js',
+            '!' + paths.libDir + '**/*.min.js',
+            '!' + paths.libDir + 'angular/**/*',
+            '!' + paths.libDir + 'bootstrap/**/*',
+            '!' + paths.libDir + 'jquery/**/*'
+        ])
+        .pipe(concat(paths.dist + '/js/lib.min.js'))
+        .pipe(uglify())
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('dist:preprocess', function () {
+    return gulp
+        .src([
+            paths.dist + '/**/*.html'
+        ], { base: '.' })
+        .pipe(preprocess({ context: { cacheTag: randomString }}))
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('dist', ['build'], function (cb) {
+    return runSequence(
+        'dist:clean',
+        ['dist:move', 'dist:css', 'dist:js:app', 'dist:js:lib'],
+        'dist:preprocess',
+        cb);
+});
+
+gulp.task('deploy', ['dist'], function () {
+    return gulp.src(paths.dist + '**/*')
+        .pipe(ghPages({ cacheDir: paths.dist + '.publish' }));
+});

src/Web/less/theme.less

@@ -0,0 +1,47 @@
+@import url(https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,300italic,400italic,600italic);
+@import "../node_modules/toastr/toastr.less";
+
+/* Start AdminLTE */
+
+//Bootstrap Variables & Mixins
+//The core bootstrap code have not been modified. These files
+//are included only for reference.
+@import (reference) "../node_modules/admin-lte/build/bootstrap-less/mixins.less";
+@import (reference) "../node_modules/admin-lte/build/bootstrap-less/variables.less";
+//MISC
+//----
+@import "../node_modules/admin-lte/build/less/core.less";
+@import "../node_modules/admin-lte/build/less/variables.less";
+@import "../node_modules/admin-lte/build/less/mixins.less";
+//COMPONENTS
+//-----------
+@import "../node_modules/admin-lte/build/less/header.less";
+@import "../node_modules/admin-lte/build/less/sidebar.less";
+@import "../node_modules/admin-lte/build/less/sidebar-mini.less";
+@import "../node_modules/admin-lte/build/less/control-sidebar.less";
+@import "../node_modules/admin-lte/build/less/dropdown.less";
+@import "../node_modules/admin-lte/build/less/forms.less";
+@import "../node_modules/admin-lte/build/less/progress-bars.less";
+@import "../node_modules/admin-lte/build/less/small-box.less";
+@import "../node_modules/admin-lte/build/less/boxes.less";
+@import "../node_modules/admin-lte/build/less/info-box.less";
+@import "../node_modules/admin-lte/build/less/timeline.less";
+@import "../node_modules/admin-lte/build/less/buttons.less";
+@import "../node_modules/admin-lte/build/less/callout.less";
+@import "../node_modules/admin-lte/build/less/alerts.less";
+@import "../node_modules/admin-lte/build/less/navs.less";
+@import "../node_modules/admin-lte/build/less/table.less";
+@import "../node_modules/admin-lte/build/less/labels.less";
+@import "../node_modules/admin-lte/build/less/modal.less";
+//PAGES
+//------
+@import "../node_modules/admin-lte/build/less/login_and_register.less";
+@import "../node_modules/admin-lte/build/less/404_500_errors.less";
+//Miscellaneous
+//-------------
+@import "../node_modules/admin-lte/build/less/miscellaneous.less";
+@import "../node_modules/admin-lte/build/less/print.less";
+
+/* End AdminLTE */
+
+@import "../node_modules/admin-lte/build/less/skins/skin-blue.less";

src/Web/less/vault.less

@@ -0,0 +1,184 @@
+@import "theme.less";
+
+/* Theme Adjustments */
+
+@boxed-layout-bg-image-path: "../images/boxed-bg.png";
+
+body {
+    background-color: @gray;
+    .img-retina(@boxed-layout-bg-image-path, "../images/boxed-bg-2x.png", auto, auto);
+}
+
+body,
+.main-header .logo,
+h1, h2, h3, h4, h5, h6,
+.h1, .h2, .h3, .h4, .h5, .h6 {
+    font-family: 'Open Sans', 'Helvetica Neue', Helvetica, Arial, sans-serif;
+}
+
+.box-body > .table-responsive {
+    > .table {
+        margin-bottom: 0;
+    }
+
+    @media screen and (max-width: @screen-xs-max) {
+        border: none;
+        margin-bottom: 0;
+    }
+}
+
+.sidebar-menu li.header {
+    padding-right: 15px;
+}
+
+.sidebar-form .form-group {
+    margin-bottom: 0;
+
+    input[type="text"], .form-control-feedback {
+        color: #999;
+    }
+}
+
+form div.validation-errors ul {
+    margin-bottom: 0;
+    padding-left: 20px;
+
+    li {
+        margin-left: 0;
+    }
+}
+
+.login-page,
+.register-page {
+    background-color: @gray;
+    background-repeat: repeat;
+    background-attachment: fixed;
+    .img-retina(@boxed-layout-bg-image-path, "../images/boxed-bg-2x.png", auto, auto);
+}
+
+.login-box-body,
+.register-box-body {
+    .boxShadow(0 0 8px rgba(0, 0, 0, 0.5));
+}
+
+.login-box, .register-box {
+    .checkbox {
+        margin-top: 0;
+    }
+
+    ul {
+        margin-bottom: 0;
+        padding-left: 20px;
+    }
+}
+
+.password-options {
+    float: right;
+
+    i {
+        margin: 0 5px;
+        cursor: pointer;
+    }
+}
+
+@media screen and (min-width: @screen-sm-min) {
+    .settings-photo {
+        text-align: center;
+
+        img {
+            margin: 0 auto;
+        }
+    }
+}
+
+/* Buttons */
+
+.btn-table {
+    padding: 1px 5px;
+    line-height: 1;
+}
+
+.btn-box-tool {
+    font-size: 14px;
+}
+
+form .btn .loading-icon {
+    margin-right: 8px;
+}
+
+/* Modals */
+
+.modal-footer {
+    text-align: left;
+}
+
+/* Toastr */
+
+#toast-container {
+    position: absolute;
+
+    &.toast-top-right {
+        top: 65px;
+        right: 15px;
+
+        @media (max-width: @screen-xs-max) {
+            top: initial;
+            bottom: 0;
+            right: 0;
+            width: 100%;
+        }
+    }
+
+    > .toast {
+        background-image: none !important;
+        .border-radius(0);
+        .boxShadow(0 0 8px rgba(0, 0, 0, 0.5));
+
+        @media (max-width: @screen-xs-max) {
+            width: 100%;
+        }
+
+        &.toast-danger, &.toast-error {
+            &:extend(.bg-red);
+
+            &:before {
+                content: "\f0e7";
+            }
+        }
+
+        &.toast-warning {
+            &:extend(.bg-yellow);
+
+            &:before {
+                content: "\f071";
+            }
+        }
+
+        &.toast-info {
+            &:extend(.bg-aqua);
+
+            &:before {
+                content: "\f005";
+            }
+        }
+
+        &.toast-success {
+            &:extend(.bg-green);
+
+            &:before {
+                content: "\f00C";
+            }
+        }
+
+        &:before {
+            position: fixed;
+            font-family: FontAwesome;
+            font-size: 24px;
+            line-height: 24px;
+            float: left;
+            color: #ffffff;
+            padding-right: 0.5em;
+            margin: auto 0.5em auto -1.5em;
+        }
+    }
+}

src/Web/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "bitwarden",
+  "version": "0.0.0",
+  "devDependencies": {
+    "connect": "3.4.1",
+    "lodash": "4.13.1",
+    "gulp": "3.9.1",
+    "gulp-concat": "2.6.0",
+    "gulp-cssmin": "0.1.7",
+    "gulp-less": "3.1.0",
+    "gulp-rename": "1.2.2",
+    "gulp-uglify": "1.5.3",
+    "gulp-gh-pages": "0.5.4",
+    "gulp-preprocess": "2.0.0",
+    "gulp-ng-annotate": "2.0.0",
+    "gulp-ng-config": "1.3.1",
+    "jshint": "2.9.2",
+    "gulp-jshint": "2.0.1",
+    "rimraf": "2.5.2",
+    "run-sequence": "1.2.1",
+    "merge-stream": "1.0.0",
+    "jquery": "2.2.4",
+    "font-awesome": "4.6.3",
+    "bootstrap": "3.3.6",
+    "sjcl": "1.0.3",
+    "angular": "1.5.6",
+    "angular-resource": "1.5.6",
+    "angular-bootstrap-npm": "0.14.3",
+    "angular-ui-router": "0.3.1",
+    "angular-jwt": "0.0.9",
+    "angular-cookies": "1.5.6",
+    "admin-lte": "2.3.5",
+    "angular-md5": "0.1.10",
+    "angular-toastr": "1.7.0",
+    "angular-bootstrap-show-errors": "2.3.0",
+    "angular-messages": "1.5.6",
+    "ngstorage": "0.3.10",
+    "papaparse": "4.1.2",
+    "toastr": "2.1.2",
+    "clipboard": "1.5.12",
+    "ngclipboard": "1.1.1",
+    "angulartics": "1.1.2",
+    "angulartics-google-analytics": "0.2.1"
+  }
+}

src/Web/project.json

@@ -0,0 +1,56 @@
+{
+  "version": "1.4.0",
+  "environment": "Development",
+
+  "dependencies": {
+    "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0",
+    "Microsoft.AspNetCore.Server.Kestrel": "1.0.0",
+    "Microsoft.AspNetCore.StaticFiles": "1.0.0"
+  },
+
+  "tools": {
+    "Microsoft.AspNetCore.Server.IISIntegration.Tools": {
+      "version": "1.0.0-preview2-final",
+      "imports": "portable-net45+win8+dnxcore50"
+    }
+  },
+
+  "frameworks": {
+    "netcoreapp1.0": {
+      "dependencies": {
+        "Microsoft.NETCore.App": {
+          "version": "1.0.0",
+          "type": "platform"
+        }
+      }
+    }
+  },
+
+  "buildOptions": {
+    "emitEntryPoint": true,
+    "preserveCompilationContext": true
+  },
+
+  "runtimeOptions": {
+    "gcServer": false,
+    "gcConcurrent": true
+  },
+
+  "publishOptions": {
+    "include": [
+      "wwwroot",
+      "Views",
+      "settings.json",
+      "settings.Development.json",
+      "settings.Production.json",
+      "settings.Staging.json",
+      "web.config"
+    ]
+  },
+
+  "scripts": {
+    "postpublish": [ "dotnet publish-iis --publish-folder %publish:OutputPath% --framework %publish:FullTargetFramework%" ]
+  },
+
+  "userSecretsId": "aspnet-Vault-20160519103145"
+}

src/Web/settings.Development.json

@@ -0,0 +1,5 @@
+{
+    "appSettings": {
+        "apiUri": "http://localhost:4000"
+    }
+}

src/Web/settings.Production.json

@@ -0,0 +1,5 @@
+{
+    "appSettings": {
+        "apiUri": "https://api.bitwarden.com"
+    }
+}

src/Web/settings.Staging.json

@@ -0,0 +1,5 @@
+{
+    "appSettings": {
+        "apiUri": "https://api.bitwarden.com"
+    }
+}

src/Web/settings.json

@@ -0,0 +1,5 @@
+{
+  "appSettings": {
+    "rememberedEmailCookieName": "bit.rememberedEmail"
+  }
+}

src/Web/web.config

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <system.webServer>
+    <handlers>
+      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
+    </handlers>
+    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
+  </system.webServer>
+</configuration>

src/Web/wwwroot/_references.js

@@ -0,0 +1,73 @@
+/// <autosync enabled="true" />
+/// <reference path="../gulpfile.js" />
+/// <reference path="app/accounts/accountsLoginController.js" />
+/// <reference path="app/accounts/accountsLogoutController.js" />
+/// <reference path="app/accounts/accountsmodule.js" />
+/// <reference path="app/accounts/accountspasswordhintcontroller.js" />
+/// <reference path="app/accounts/accountsRegisterController.js" />
+/// <reference path="app/apiInterceptor.js" />
+/// <reference path="app/app.js" />
+/// <reference path="app/config.js" />
+/// <reference path="app/directives/apiFieldDirective.js" />
+/// <reference path="app/directives/apiFormDirective.js" />
+/// <reference path="app/directives/directivesModule.js" />
+/// <reference path="app/directives/masterPasswordDirective.js" />
+/// <reference path="app/directives/pageTitleDirective.js" />
+/// <reference path="app/directives/passwordmeterdirective.js" />
+/// <reference path="app/directives/passwordviewerdirective.js" />
+/// <reference path="app/global/globalModule.js" />
+/// <reference path="app/global/mainController.js" />
+/// <reference path="app/global/sideNavController.js" />
+/// <reference path="app/global/topNavController.js" />
+/// <reference path="app/services/apiService.js" />
+/// <reference path="app/services/authService.js" />
+/// <reference path="app/services/cipherService.js" />
+/// <reference path="app/services/cryptoService.js" />
+/// <reference path="app/services/importservice.js" />
+/// <reference path="app/services/passwordservice.js" />
+/// <reference path="app/services/servicesModule.js" />
+/// <reference path="app/services/tokenService.js" />
+/// <reference path="app/services/validationservice.js" />
+/// <reference path="app/settings.js" />
+/// <reference path="app/settings/settingsChangeEmailController.js" />
+/// <reference path="app/settings/settingsChangePasswordController.js" />
+/// <reference path="app/settings/settingsController.js" />
+/// <reference path="app/settings/settingsdeletecontroller.js" />
+/// <reference path="app/settings/settingsmodule.js" />
+/// <reference path="app/settings/settingsSessionsController.js" />
+/// <reference path="app/settings/settingsTwoFactorController.js" />
+/// <reference path="app/tools/toolsAuditsController.js" />
+/// <reference path="app/tools/toolsController.js" />
+/// <reference path="app/tools/toolsExportController.js" />
+/// <reference path="app/tools/toolsImportController.js" />
+/// <reference path="app/tools/toolsmodule.js" />
+/// <reference path="app/vault/vaultAddFolderController.js" />
+/// <reference path="app/vault/vaultAddSiteController.js" />
+/// <reference path="app/vault/vaultController.js" />
+/// <reference path="app/vault/vaultEditFolderController.js" />
+/// <reference path="app/vault/vaultEditSiteController.js" />
+/// <reference path="app/vault/vaultmodule.js" />
+/// <reference path="lib/admin-lte/js/app.js" />
+/// <reference path="lib/angular/angular.js" />
+/// <reference path="lib/angular-bootstrap/angular-bootstrap-tpls.js" />
+/// <reference path="lib/angular-bootstrap-show-errors/showErrors.js" />
+/// <reference path="lib/angular-cookies/angular-cookies.js" />
+/// <reference path="lib/angular-jwt/angular-jwt.js" />
+/// <reference path="lib/angular-md5/angular-md5.js" />
+/// <reference path="lib/angular-messages/angular-messages.js" />
+/// <reference path="lib/angular-resource/angular-resource.js" />
+/// <reference path="lib/angulartics/angulartics.js" />
+/// <reference path="lib/angulartics/angulartics-ga.js" />
+/// <reference path="lib/angular-toastr/angular-toastr.js" />
+/// <reference path="lib/angular-toastr/angular-toastr.min.js" />
+/// <reference path="lib/angular-toastr/angular-toastr.tpls.min.js" />
+/// <reference path="lib/angular-ui-router/angular-ui-router.js" />
+/// <reference path="lib/bootstrap/js/bootstrap.min.js" />
+/// <reference path="lib/clipboard/clipboard.js" />
+/// <reference path="lib/jquery/jquery.js" />
+/// <reference path="lib/ngclipboard/ngclipboard.js" />
+/// <reference path="lib/ngstorage/ngStorage.js" />
+/// <reference path="lib/papaparse/papaparse.js" />
+/// <reference path="lib/sjcl/bitArray.js" />
+/// <reference path="lib/sjcl/cbc.js" />
+/// <reference path="lib/sjcl/sjcl.js" />

src/Web/wwwroot/app/accounts/accountsLoginController.js

@@ -0,0 +1,51 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsLoginController', function ($scope, $rootScope, $cookies, apiService, cryptoService, authService, $state, appSettings, $analytics) {
+        var rememberedEmail = $cookies.get(appSettings.rememberedEmailCookieName);
+        if (rememberedEmail) {
+            $scope.model = {
+                email: rememberedEmail,
+                rememberEmail: true
+            };
+        }
+
+        $scope.login = function (model) {
+            $scope.loginPromise = authService.logIn(model.email, model.masterPassword);
+
+            $scope.loginPromise.then(function () {
+                if (model.rememberEmail) {
+                    var cookieExpiration = new Date();
+                    cookieExpiration.setFullYear(cookieExpiration.getFullYear() + 10);
+
+                    $cookies.put(
+                        appSettings.rememberedEmailCookieName,
+                        model.email,
+                        { expires: cookieExpiration });
+                }
+                else {
+                    $cookies.remove(appSettings.rememberedEmailCookieName);
+                }
+
+                var profile = authService.getUserProfile();
+                if (profile.twoFactor) {
+                    $analytics.eventTrack('Logged In To Two-step');
+                    $state.go('frontend.login.twoFactor');
+                }
+                else {
+                    $analytics.eventTrack('Logged In');
+                    $state.go('backend.vault');
+                }
+            });
+        };
+
+        $scope.twoFactor = function (model) {
+            // Only supporting Authenticator provider for now
+            $scope.twoFactorPromise = authService.logInTwoFactor(model.code, "Authenticator");
+
+            $scope.twoFactorPromise.then(function () {
+                $analytics.eventTrack('Logged In From Two-step');
+                $state.go('backend.vault');
+            });
+        };
+    });

src/Web/wwwroot/app/accounts/accountsLogoutController.js

@@ -0,0 +1,8 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsLogoutController', function ($scope, authService, $state, $analytics) {
+        authService.logOut();
+        $analytics.eventTrack('Logged Out');
+        $state.go('frontend.login.info');
+    });

src/Web/wwwroot/app/accounts/accountsModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.accounts', ['ui.bootstrap', 'ngCookies']);

src/Web/wwwroot/app/accounts/accountsPasswordHintController.js

@@ -0,0 +1,12 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsPasswordHintController', function ($scope, $rootScope, apiService) {
+        $scope.success = false;
+
+        $scope.submit = function (model) {
+            $scope.submitPromise = apiService.accounts.postPasswordHint({ email: model.email }, function () {
+                $scope.success = true;
+            }).$promise;
+        };
+    });

src/Web/wwwroot/app/accounts/accountsRegisterController.js

@@ -0,0 +1,43 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsRegisterController', function ($scope, $location, apiService, cryptoService, validationService, $analytics) {
+        var params = $location.search();
+
+        $scope.success = false;
+        $scope.model = {
+            email: params.email
+        };
+
+        $scope.registerPromise = null;
+        $scope.register = function (form) {
+            var error = false;
+
+            if ($scope.model.masterPassword.length < 8) {
+                validationService.addError(form, 'MasterPassword', 'Master password must be at least 8 characters long.', true);
+                error = true;
+            }
+            if ($scope.model.masterPassword !== $scope.model.confirmMasterPassword) {
+                validationService.addError(form, 'ConfirmMasterPassword', 'Master password confirmation does not match.', true);
+                error = true;
+            }
+
+            if (error) {
+                return;
+            }
+
+            var email = $scope.model.email.toLowerCase();
+            var key = cryptoService.makeKey($scope.model.masterPassword, email);
+            var request = {
+                name: $scope.model.name,
+                email: email,
+                masterPasswordHash: cryptoService.hashPassword($scope.model.masterPassword, key),
+                masterPasswordHint: $scope.model.masterPasswordHint
+            };
+
+            $scope.registerPromise = apiService.accounts.register(request, function () {
+                $scope.success = true;
+                $analytics.eventTrack('Registered');
+            }).$promise;
+        };
+    });

src/Web/wwwroot/app/accounts/views/accountsLogin.html

@@ -0,0 +1,7 @@
+<div class="login-box">
+    <div class="login-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="login-box-body" ui-view>
+    </div>
+</div>

src/Web/wwwroot/app/accounts/views/accountsLoginInfo.html

@@ -0,0 +1,41 @@
+<p class="login-box-msg">Log in to access your vault.</p>
+<form name="loginForm" ng-submit="loginForm.$valid && login(model)" api-form="loginPromise">
+    <div class="callout callout-danger validation-errors" ng-show="loginForm.$errors">
+        <h4>Errors have occured</h4>
+        <ul>
+            <li ng-repeat="e in loginForm.$errors">{{e}}</li>
+        </ul>
+    </div>
+    <div class="form-group has-feedback" show-errors>
+        <label for="email" class="sr-only">Email</label>
+        <input type="email" id="email" name="Email" class="form-control" placeholder="Email" ng-model="model.email"
+               required api-field />
+        <span class="fa fa-envelope form-control-feedback"></span>
+    </div>
+    <div class="form-group has-feedback" show-errors>
+        <label for="masterPassword" class="sr-only">Master Password</label>
+        <input type="password" id="masterPassword" name="MasterPasswordHash" class="form-control" placeholder="Master Password"
+               ng-model="model.masterPassword"
+               required api-field />
+        <span class="fa fa-lock form-control-feedback"></span>
+    </div>
+    <div class="row">
+        <div class="col-xs-7">
+            <div class="checkbox">
+                <label>
+                    <input type="checkbox" id="rememberEmail" ng-model="model.rememberEmail" /> Remember Email
+                </label>
+            </div>
+        </div>
+        <div class="col-xs-5">
+            <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="loginForm.$loading">
+                <i class="fa fa-refresh fa-spin loading-icon" ng-show="loginForm.$loading"></i>Log In
+            </button>
+        </div>
+    </div>
+    <hr />
+    <ul>
+        <li><a ui-sref="frontend.register">Create a new account</a></li>
+        <li><a ui-sref="frontend.passwordHint">Get master password hint</a></li>
+    </ul>
+</form>

src/Web/wwwroot/app/accounts/views/accountsLoginTwoFactor.html

@@ -0,0 +1,22 @@
+<p class="login-box-msg">Enter your two-step verification code.</p>
+<form name="twoFactorForm" ng-submit="twoFactorForm.$valid && twoFactor(model)" api-form="twoFactorPromise">
+    <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
+        <h4>Errors have occured</h4>
+        <ul>
+            <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
+        </ul>
+    </div>
+    <div class="form-group has-feedback" show-errors>
+        <label for="code" class="sr-only">Code</label>
+        <input type="text" id="code" name="Code" class="form-control" placeholder="Verification code" ng-model="model.code"
+               required api-field />
+        <span class="fa fa-lock form-control-feedback"></span>
+    </div>
+    <div class="row">
+        <div class="col-xs-offset-7 col-xs-5">
+            <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="twoFactorForm.$loading">
+                <i class="fa fa-refresh fa-spin loading-icon" ng-show="twoFactorForm.$loading"></i>Log In
+            </button>
+        </div>
+    </div>
+</form>

src/Web/wwwroot/app/accounts/views/accountsPasswordHint.html

@@ -0,0 +1,39 @@
+<div class="login-box">
+    <div class="login-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="login-box-body">
+        <p class="login-box-msg">Get your master password hint.</p>
+        <div class="text-center" ng-show="success">
+            <div class="callout callout-success">
+                If your account exists ({{model.email}}) we've sent you an email with your master password hint.
+            </div>
+            <a ui-sref="frontend.login.info">Ready to log in?</a>
+        </div>
+        <form name="passwordHintForm" ng-submit="passwordHintForm.$valid && submit(model)" ng-show="!success"
+              api-form="submitPromise">
+            <div class="callout callout-danger validation-errors" ng-show="passwordHintForm.$errors">
+                <h4>Errors have occured</h4>
+                <ul>
+                    <li ng-repeat="e in passwordHintForm.$errors">{{e}}</li>
+                </ul>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="email" class="sr-only">Your account email address</label>
+                <input type="email" id="email" name="Email" class="form-control" placeholder="Your account email address"
+                       ng-model="model.email" required api-field />
+                <span class="fa fa-envelope form-control-feedback"></span>
+            </div>
+            <div class="row">
+                <div class="col-xs-7">
+                    <a ui-sref="frontend.login.info">Ready to log in?</a>
+                </div>
+                <div class="col-xs-5">
+                    <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="passwordHintForm.$loading">
+                        <i class="fa fa-refresh fa-spin loading-icon" ng-show="passwordHintForm.$loading"></i>Submit
+                    </button>
+                </div>
+            </div>
+        </form>
+    </div>
+</div>

src/Web/wwwroot/app/accounts/views/accountsRegister.html

@@ -0,0 +1,73 @@
+<div class="register-box">
+    <div class="register-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="register-box-body">
+        <p class="login-box-msg">Create a new account.</p>
+        <div class="text-center" ng-show="success">
+            <div class="callout callout-success">
+                <h4>Account Created!</h4>
+                <p>You may now log in to your new account.</p>
+            </div>
+            <a ui-sref="frontend.login.info">Ready to log in?</a>
+        </div>
+        <form name="registerForm" ng-submit="registerForm.$valid && register(registerForm)" ng-show="!success"
+              api-form="registerPromise">
+            <div class="callout callout-danger validation-errors" ng-show="registerForm.$errors">
+                <h4>Errors have occured</h4>
+                <ul>
+                    <li ng-repeat="e in registerForm.$errors">{{e}}</li>
+                </ul>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="email" class="sr-only">Email</label>
+                <input type="email" id="email" name="Email" class="form-control" placeholder="Email" ng-model="model.email"
+                       required api-field />
+                <span class="fa fa-envelope form-control-feedback"></span>
+                <p class="help-block">You'll use your email address to log in.</p>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="name" class="sr-only">Your Name</label>
+                <input type="text" id="name" name="Name" class="form-control" ng-model="model.name"
+                       placeholder="Your Name" api-field>
+                <span class="fa fa-user form-control-feedback"></span>
+                <p class="help-block">What should we call you?</p>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="masterPassword" class="sr-only">Master Password</label>
+                <input type="password" id="masterPassword" name="MasterPasswordHash" class="form-control"
+                       ng-model="model.masterPassword" placeholder="Master Password" required api-field>
+                <span class="fa fa-lock form-control-feedback"></span>
+                <p class="help-block">The master password is the password you use to access your vault.</p>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label form="confirmMasterPassword" class="sr-only">Re-type Master Password</label>
+                <input type="password" id="confirmMasterPassword" name="ConfirmMasterPassword" class="form-control"
+                       placeholder="Re-type Master Password"
+                       ng-model="model.confirmMasterPassword" required api-field>
+                <span class="fa fa-lock form-control-feedback"></span>
+                <p class="help-block">
+                    It is very important that you do not forget your master password.
+                    There is <u>no way</u> to recover the password in the event that you forget it.
+                </p>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="hint" class="sr-only">Master Password Hint (optional)</label>
+                <input type="text" id="hint" name="MasterPasswordHint" class="form-control" ng-model="model.masterPasswordHint"
+                       placeholder="Master Password Hint (optional)" api-field>
+                <span class="fa fa-lightbulb-o form-control-feedback"></span>
+                <p class="help-block">A master password hint can help you remember your password if you forget it.</p>
+            </div>
+            <div class="row">
+                <div class="col-xs-7">
+                    <a ui-sref="frontend.login.info">Already have an account?</a>
+                </div>
+                <div class="col-xs-5">
+                    <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="registerForm.$loading">
+                        <i class="fa fa-refresh fa-spin loading-icon" ng-show="registerForm.$loading"></i>Submit
+                    </button>
+                </div>
+            </div>
+        </form>
+    </div>
+</div>

src/Web/wwwroot/app/apiInterceptor.js

@@ -0,0 +1,29 @@
+angular
+    .module('bit')
+
+    .factory('apiInterceptor', function ($injector, $q, toastr) {
+        return {
+            request: function (config) {
+                return config;
+            },
+            response: function (response) {
+                if (response.status === 401 || response.status === 403) {
+                    $injector.get('authService').logOut();
+                    $injector.get('$state').go('frontend.login.info').then(function () {
+                        toastr.warning('Your login session has expired.', 'Logged out');
+                    });
+                }
+
+                return response || $q.when(response);
+            },
+            responseError: function (rejection) {
+                if (rejection.status === 401 || rejection.status === 403) {
+                    $injector.get('authService').logOut();
+                    $injector.get('$state').go('frontend.login.info').then(function () {
+                        toastr.warning('Your login session has expired.', 'Logged out');
+                    });
+                }
+                return $q.reject(rejection);
+            }
+        };
+    });

src/Web/wwwroot/app/app.js

@@ -0,0 +1,20 @@
+angular
+    .module('bit', [
+        'ui.router',
+        'ngMessages',
+        'angular-jwt',
+        'angular-md5',
+        'ui.bootstrap.showErrors',
+        'toastr',
+        'angulartics',
+        'angulartics.google.analytics',
+
+        'bit.directives',
+        'bit.services',
+
+        'bit.global',
+        'bit.accounts',
+        'bit.vault',
+        'bit.settings',
+        'bit.tools'
+    ]);

src/Web/wwwroot/app/config.js

@@ -0,0 +1,135 @@
+angular
+    .module('bit')
+
+    .config(function ($stateProvider, $urlRouterProvider, $httpProvider, jwtInterceptorProvider, $uibTooltipProvider, toastrConfig) {
+        jwtInterceptorProvider.urlParam = 'access_token';
+        jwtInterceptorProvider.tokenGetter = /*@ngInject*/ function (config, appSettings, tokenService) {
+            if (config.url.indexOf(appSettings.apiUri) === 0) {
+                return tokenService.getToken();
+            }
+        };
+
+        angular.extend(toastrConfig, {
+            closeButton: true,
+            progressBar: true,
+            showMethod: 'slideDown',
+            target: '.toast-target'
+        });
+
+        $uibTooltipProvider.options({
+            popupDelay: 600
+        });
+
+        if ($httpProvider.defaults.headers.post) {
+            $httpProvider.defaults.headers.post = {};
+        }
+
+        $httpProvider.defaults.headers.post['Content-Type'] = 'text/plain; charset=utf-8';
+
+        $httpProvider.interceptors.push('apiInterceptor');
+        $httpProvider.interceptors.push('jwtInterceptor');
+
+        $urlRouterProvider.otherwise('/');
+
+        $stateProvider
+        // Backend
+            .state('backend', {
+                templateUrl: 'app/views/backendLayout.html',
+                abstract: true,
+                data: {
+                    authorize: true
+                }
+            })
+            .state('backend.vault', {
+                url: '^/',
+                templateUrl: 'app/vault/views/vault.html',
+                controller: 'vaultController',
+                data: { pageTitle: 'My Vault' }
+            })
+            .state('backend.settings', {
+                url: '^/settings',
+                templateUrl: 'app/settings/views/settings.html',
+                controller: 'settingsController',
+                data: { pageTitle: 'Settings' }
+            })
+            .state('backend.tools', {
+                url: '^/tools',
+                templateUrl: 'app/tools/views/tools.html',
+                controller: 'toolsController',
+                data: { pageTitle: 'Tools' }
+            })
+
+        // Frontend
+            .state('frontend', {
+                templateUrl: 'app/views/frontendLayout.html',
+                abstract: true,
+                data: {
+                    authorize: false
+                }
+            })
+            .state('frontend.login', {
+                templateUrl: 'app/accounts/views/accountsLogin.html',
+                controller: 'accountsLoginController',
+                data: {
+                    bodyClass: 'login-page'
+                }
+            })
+            .state('frontend.login.info', {
+                url: '^/login',
+                templateUrl: 'app/accounts/views/accountsLoginInfo.html',
+                data: {
+                    pageTitle: 'Log In'
+                }
+            })
+            .state('frontend.login.twoFactor', {
+                url: '^/login/two-factor',
+                templateUrl: 'app/accounts/views/accountsLoginTwoFactor.html',
+                data: {
+                    pageTitle: 'Log In (Two Factor)',
+                    authorizeTwoFactor: true
+                }
+            })
+            .state('frontend.logout', {
+                url: '^/logout',
+                controller: 'accountsLogoutController',
+                data: {
+                    authorize: true
+                }
+            })
+            .state('frontend.passwordHint', {
+                url: '^/password-hint',
+                templateUrl: 'app/accounts/views/accountsPasswordHint.html',
+                controller: 'accountsPasswordHintController',
+                data: {
+                    pageTitle: 'Master Password Hint',
+                    bodyClass: 'login-page'
+                }
+            })
+            .state('frontend.register', {
+                url: '^/register',
+                templateUrl: 'app/accounts/views/accountsRegister.html',
+                controller: 'accountsRegisterController',
+                data: {
+                    pageTitle: 'Register',
+                    bodyClass: 'register-page'
+                }
+            });
+    })
+    .run(function ($rootScope, authService, jwtHelper, tokenService, $state) {
+        $rootScope.$on('$stateChangeStart', function (event, toState, toParams) {
+            if (!toState.data || !toState.data.authorize) {
+                if (authService.isAuthenticated() && !jwtHelper.isTokenExpired(tokenService.getToken())) {
+                    event.preventDefault();
+                    $state.go('backend.vault');
+                }
+
+                return;
+            }
+
+            if (!authService.isAuthenticated() || jwtHelper.isTokenExpired(tokenService.getToken())) {
+                event.preventDefault();
+                authService.logOut();
+                $state.go('frontend.login.info');
+            }
+        });
+    });

src/Web/wwwroot/app/directives/apiFieldDirective.js

@@ -0,0 +1,30 @@
+angular
+    .module('bit.directives')
+
+    .directive('apiField', function () {
+        var linkFn = function (scope, element, attrs, ngModel) {
+            ngModel.$registerApiError = registerApiError;
+            ngModel.$validators.apiValidate = apiValidator;
+
+            function apiValidator() {
+                ngModel.$setValidity('api', true);
+                return true;
+            }
+
+            function registerApiError() {
+                ngModel.$setValidity('api', false);
+            }
+        };
+
+        return {
+            require: 'ngModel',
+            restrict: 'A',
+            compile: function (elem, attrs) {
+                if (!attrs.name || attrs.name === '') {
+                    throw 'api-field element does not have a valid name attribute';
+                }
+
+                return linkFn;
+            }
+        };
+    });

src/Web/wwwroot/app/directives/apiFormDirective.js

@@ -0,0 +1,35 @@
+angular
+    .module('bit.directives')
+
+    .directive('apiForm', function ($rootScope, validationService) {
+        return {
+            require: 'form',
+            restrict: 'A',
+            link: function (scope, element, attrs, formCtrl) {
+                var watchPromise = attrs.apiForm || null;
+                if (watchPromise !== void 0) {
+                    scope.$watch(watchPromise, formSubmitted.bind(null, formCtrl, scope));
+                }
+            }
+        };
+
+        function formSubmitted(form, scope, promise) {
+            if (!promise || !promise.then) {
+                return;
+            }
+
+            // reset errors
+            form.$errors = null;
+
+            // start loading
+            form.$loading = true;
+
+            promise.then(function success(response) {
+                form.$loading = false;
+            }, function failure(reason) {
+                form.$loading = false;
+                validationService.addErrors(form, reason);
+                scope.$broadcast('show-errors-check-validity');
+            });
+        }
+    });

src/Web/wwwroot/app/directives/directivesModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.directives', []);

src/Web/wwwroot/app/directives/masterPasswordDirective.js

@@ -0,0 +1,40 @@
+angular
+    .module('bit.directives')
+
+    .directive('masterPassword', function (cryptoService, authService) {
+        return {
+            require: 'ngModel',
+            restrict: 'A',
+            link: function (scope, elem, attr, ngModel) {
+                var profile = authService.getUserProfile();
+                if (!profile) {
+                    return;
+                }
+
+                // For DOM -> model validation
+                ngModel.$parsers.unshift(function (value) {
+                    if (!value) {
+                        return undefined;
+                    }
+
+                    var key = cryptoService.makeKey(value, profile.email, true);
+                    var valid = key === cryptoService.getKey(true);
+                    ngModel.$setValidity('masterPassword', valid);
+                    return valid ? value : undefined;
+                });
+
+                // For model -> DOM validation
+                ngModel.$formatters.unshift(function (value) {
+                    if (!value) {
+                        return undefined;
+                    }
+
+                    var key = cryptoService.makeKey(value, profile.email, true);
+                    var valid = key === cryptoService.getKey(true);
+
+                    ngModel.$setValidity('masterPassword', valid);
+                    return value;
+                });
+            }
+        };
+    });

src/Web/wwwroot/app/directives/pageTitleDirective.js

@@ -0,0 +1,22 @@
+angular
+    .module('bit.directives')
+
+    .directive('pageTitle', function ($rootScope, $timeout, appSettings) {
+        return {
+            link: function (scope, element) {
+                var listener = function (event, toState, toParams, fromState, fromParams) {
+                    // Default title
+                    var title = 'bitwarden Password Manager';
+                    if (toState.data && toState.data.pageTitle) {
+                        title = toState.data.pageTitle + ' - bitwarden Password Manager';
+                    }
+
+                    $timeout(function () {
+                        element.text(title);
+                    });
+                };
+
+                $rootScope.$on('$stateChangeStart', listener);
+            }
+        };
+    });

src/Web/wwwroot/app/directives/passwordMeterDirective.js

@@ -0,0 +1,73 @@
+angular
+    .module('bit.directives')
+
+    .directive('passwordMeter', function () {
+        return {
+            template: '<div class="progress {{outerClass}}"><div class="progress-bar progress-bar-{{valueClass}}" ' +
+                'role="progressbar" aria-valuenow="{{value}}" aria-valuemin="0" aria-valuemax="100" ' +
+                'ng-style="{width : ( value + \'%\' ) }"><span class="sr-only">{{value}}%</span></div></div>',
+            restrict: 'A',
+            scope: {
+                password: '=passwordMeter',
+                username: '=passwordMeterUsername',
+                outerClass: '@?'
+            },
+            link: function (scope) {
+                var measureStrength = function (username, password) {
+                    if (!password || password === username) {
+                        return 0;
+                    }
+
+                    var strength = password.length;
+
+                    if (username && username !== '') {
+                        if (username.indexOf(password) !== -1) strength -= 15;
+                        if (password.indexOf(username) !== -1) strength -= username.length;
+                    }
+
+                    if (password.length > 0 && password.length <= 4) strength += password.length;
+                    else if (password.length >= 5 && password.length <= 7) strength += 6;
+                    else if (password.length >= 8 && password.length <= 15) strength += 12;
+                    else if (password.length >= 16) strength += 18;
+
+                    if (password.match(/[a-z]/)) strength += 1;
+                    if (password.match(/[A-Z]/)) strength += 5;
+                    if (password.match(/\d/)) strength += 5;
+                    if (password.match(/.*\d.*\d.*\d/)) strength += 5;
+                    if (password.match(/[!,@,#,$,%,^,&,*,?,_,~]/)) strength += 5;
+                    if (password.match(/.*[!,@,#,$,%,^,&,*,?,_,~].*[!,@,#,$,%,^,&,*,?,_,~]/)) strength += 5;
+                    if (password.match(/(?=.*[a-z])(?=.*[A-Z])/)) strength += 2;
+                    if (password.match(/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/)) strength += 2;
+                    if (password.match(/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!,@,#,$,%,^,&,*,?,_,~])/)) strength += 2;
+
+                    strength = Math.round(strength * 2);
+                    return Math.max(0, Math.min(100, strength));
+                };
+
+                var getClass = function (strength) {
+                    switch (Math.round(strength / 33)) {
+                        case 0:
+                        case 1:
+                            return 'danger';
+                        case 2:
+                            return 'warning';
+                        case 3:
+                            return 'success';
+                    }
+                };
+
+                var updateMeter = function (scope) {
+                    scope.value = measureStrength(scope.username, scope.password);
+                    scope.valueClass = getClass(scope.value);
+                };
+
+                scope.$watch('password', function () {
+                    updateMeter(scope);
+                });
+
+                scope.$watch('username', function () {
+                    updateMeter(scope);
+                });
+            },
+        };
+    });

src/Web/wwwroot/app/directives/passwordViewerDirective.js

@@ -0,0 +1,27 @@
+angular
+    .module('bit.directives')
+
+    .directive('passwordViewer', function () {
+        return {
+            restrict: 'A',
+            link: function (scope, element, attr) {
+                var passwordViewer = attr.passwordViewer;
+                if (!passwordViewer) {
+                    return;
+                }
+
+                element.onclick = function (event) { };
+                element.on('click', function (event) {
+                    var passwordElement = $(passwordViewer);
+                    if (passwordElement && passwordElement.attr('type') === 'password') {
+                        element.removeClass('fa-eye').addClass('fa-eye-slash');
+                        passwordElement.attr('type', 'text');
+                    }
+                    else if (passwordElement && passwordElement.attr('type') === 'text') {
+                        element.removeClass('fa-eye-slash').addClass('fa-eye');
+                        passwordElement.attr('type', 'password');
+                    }
+                });
+            }
+        };
+    });

src/Web/wwwroot/app/global/globalModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.global', []);

src/Web/wwwroot/app/global/mainController.js

@@ -0,0 +1,82 @@
+angular
+    .module('bit.global')
+
+    .controller('mainController', function ($scope, $state, authService, appSettings, toastr) {
+        var vm = this;
+        vm.bodyClass = '';
+        vm.userProfile = null;
+        vm.searchVaultText = null;
+        vm.version = appSettings.version;
+
+        $scope.currentYear = new Date().getFullYear();
+
+        $scope.$on('$viewContentLoaded', function () {
+            if ($.AdminLTE) {
+                if ($.AdminLTE.layout) {
+                    $.AdminLTE.layout.fix();
+                    $.AdminLTE.layout.fixSidebar();
+                }
+
+                if ($.AdminLTE.pushMenu) {
+                    $.AdminLTE.pushMenu.expandOnHover();
+                }
+            }
+        });
+
+        $scope.$on('$stateChangeSuccess', function (event, toState, toParams, fromState, fromParams) {
+            vm.searchVaultText = null;
+            vm.userProfile = authService.getUserProfile();
+
+            if (toState.data.bodyClass) {
+                vm.bodyClass = toState.data.bodyClass;
+                return;
+            }
+            else {
+                vm.bodyClass = '';
+            }
+        });
+
+        $scope.searchVault = function () {
+            $state.go('backend.vault');
+        };
+
+        $scope.addSite = function () {
+            $scope.$broadcast('vaultAddSite');
+        };
+
+        $scope.addFolder = function () {
+            $scope.$broadcast('vaultAddFolder');
+        };
+
+        $scope.changeEmail = function () {
+            $scope.$broadcast('settingsChangeEmail');
+        };
+
+        $scope.changePassword = function () {
+            $scope.$broadcast('settingsChangePassword');
+        };
+
+        $scope.sessions = function () {
+            $scope.$broadcast('settingsSessions');
+        };
+
+        $scope.delete = function () {
+            $scope.$broadcast('settingsDelete');
+        };
+
+        $scope.twoFactor = function () {
+            $scope.$broadcast('settingsTwoFactor');
+        };
+
+        $scope.import = function () {
+            $scope.$broadcast('toolsImport');
+        };
+
+        $scope.export = function () {
+            $scope.$broadcast('toolsExport');
+        };
+
+        $scope.audits = function () {
+            $scope.$broadcast('toolsAudits');
+        };
+    });

src/Web/wwwroot/app/global/sideNavController.js

@@ -0,0 +1,6 @@
+angular
+    .module('bit.global')
+
+    .controller('sideNavController', function ($scope, $state) {
+        $scope.$state = $state;
+    });

src/Web/wwwroot/app/global/topNavController.js

@@ -0,0 +1,6 @@
+angular
+    .module('bit.global')
+
+    .controller('topNavController', function ($scope) {
+        
+    });

src/Web/wwwroot/app/services/apiService.js

@@ -0,0 +1,53 @@
+angular
+    .module('bit.services')
+
+    .factory('apiService', function ($resource, tokenService, appSettings) {
+        var _service = {},
+            _apiUri = appSettings.apiUri;
+
+        _service.sites = $resource(_apiUri + '/sites/:id', {}, {
+            get: { method: 'GET', params: { id: '@id' } },
+            list: { method: 'GET', params: {} },
+            post: { method: 'POST', params: {} },
+            put: { method: 'POST', params: { id: '@id' } },
+            del: { url: _apiUri + '/sites/:id/delete', method: 'POST', params: { id: '@id' } }
+        });
+
+        _service.folders = $resource(_apiUri + '/folders/:id', {}, {
+            get: { method: 'GET', params: { id: '@id' } },
+            list: { method: 'GET', params: {} },
+            post: { method: 'POST', params: {} },
+            put: { method: 'POST', params: { id: '@id' } },
+            del: { url: _apiUri + '/folders/:id/delete', method: 'POST', params: { id: '@id' } }
+        });
+
+        _service.ciphers = $resource(_apiUri + '/ciphers/:id', {}, {
+            get: { method: 'GET', params: { id: '@id' } },
+            list: { method: 'GET', params: {} },
+            'import': { url: _apiUri + '/ciphers/import', method: 'POST', params: {} },
+            favorite: { url: _apiUri + '/ciphers/:id/favorite', method: 'POST', params: { id: '@id' } },
+            del: { url: _apiUri + '/ciphers/:id/delete', method: 'POST', params: { id: '@id' } }
+        });
+
+        _service.accounts = $resource(_apiUri + '/accounts', {}, {
+            register: { url: _apiUri + '/accounts/register', method: 'POST', params: {} },
+            emailToken: { url: _apiUri + '/accounts/email-token', method: 'POST', params: {} },
+            email: { url: _apiUri + '/accounts/email', method: 'POST', params: {} },
+            putPassword: { url: _apiUri + '/accounts/password', method: 'POST', params: {} },
+            getProfile: { url: _apiUri + '/accounts/profile', method: 'GET', params: {} },
+            putProfile: { url: _apiUri + '/accounts/profile', method: 'POST', params: {} },
+            getTwoFactor: { url: _apiUri + '/accounts/two-factor', method: 'GET', params: {} },
+            putTwoFactor: { url: _apiUri + '/accounts/two-factor', method: 'POST', params: {} },
+            postPasswordHint: { url: _apiUri + '/accounts/password-hint', method: 'POST', params: {} },
+            putSecurityStamp: { url: _apiUri + '/accounts/security-stamp', method: 'POST', params: {} },
+            'import': { url: _apiUri + '/accounts/import', method: 'POST', params: {} },
+            postDelete: { url: _apiUri + '/accounts/delete', method: 'POST', params: {} }
+        });
+
+        _service.auth = $resource(_apiUri + '/auth', {}, {
+            token: { url: _apiUri + '/auth/token', method: 'POST', params: {} },
+            tokenTwoFactor: { url: _apiUri + '/auth/token/two-factor', method: 'POST', params: {} }
+        });
+
+        return _service;
+    });

src/Web/wwwroot/app/services/authService.js

@@ -0,0 +1,112 @@
+angular
+    .module('bit.services')
+
+    .factory('authService', function (cryptoService, apiService, tokenService, $q, jwtHelper) {
+        var _service = {},
+            _userProfile = null;
+
+        _service.logIn = function (email, masterPassword) {
+            email = email.toLowerCase();
+            var key = cryptoService.makeKey(masterPassword, email);
+
+            var request = {
+                email: email,
+                masterPasswordHash: cryptoService.hashPassword(masterPassword, key)
+            };
+
+            var deferred = $q.defer();
+            apiService.auth.token(request, function (response) {
+                if (!response || !response.Token) {
+                    return;
+                }
+
+                tokenService.setToken(response.Token);
+                cryptoService.setKey(key);
+                _service.setUserProfile(response.Profile);
+
+                deferred.resolve(response);
+            }, function (error) {
+                deferred.reject(error);
+            });
+
+            return deferred.promise;
+        };
+
+        _service.logInTwoFactor = function (code, provider) {
+            var request = {
+                code: code,
+                provider: provider
+            };
+
+            var deferred = $q.defer();
+            apiService.auth.tokenTwoFactor(request, function (response) {
+                if (!response || !response.Token) {
+                    return;
+                }
+
+                tokenService.setToken(response.Token);
+                _service.setUserProfile(response.Profile);
+
+                deferred.resolve(response);
+            }, function (error) {
+                deferred.reject(error);
+            });
+
+            return deferred.promise;
+        };
+
+        _service.logOut = function () {
+            tokenService.clearToken();
+            cryptoService.clearKey();
+            _userProfile = null;
+        };
+
+        _service.getUserProfile = function () {
+            if (!_userProfile) {
+                _service.setUserProfile();
+            }
+
+            return _userProfile;
+        };
+
+        _service.setUserProfile = function (profile) {
+            var token = tokenService.getToken();
+            if (!token) {
+                return;
+            }
+
+            var decodedToken = jwtHelper.decodeToken(token);
+            var twoFactor = decodedToken.authmethod === "TwoFactor";
+
+            _userProfile = {
+                id: decodedToken.nameid,
+                email: decodedToken.email,
+                twoFactor: twoFactor
+            };
+
+            if (!twoFactor && profile) {
+                loadProfile(profile);
+            }
+            else if (!twoFactor && !profile) {
+                apiService.accounts.getProfile({}, loadProfile);
+            }
+        };
+
+        function loadProfile(profile) {
+            _userProfile.extended = {
+                name: profile.Name,
+                twoFactorEnabled: profile.TwoFactorEnabled,
+                culture: profile.Culture
+            };
+        }
+
+        _service.isAuthenticated = function () {
+            return _service.getUserProfile() !== null && !_service.getUserProfile().twoFactor;
+        };
+
+        _service.isTwoFactorAuthenticated = function () {
+            return _service.getUserProfile() !== null && _service.getUserProfile().twoFactor;
+        };
+
+        return _service;
+    });

src/Web/wwwroot/app/services/cipherService.js

@@ -0,0 +1,112 @@
+angular
+    .module('bit.services')
+
+    .factory('cipherService', function (cryptoService, apiService) {
+        var _service = {};
+
+        _service.decryptSites = function (encryptedSites) {
+            if (!encryptedSites) throw "encryptedSites is undefined or null";
+
+            var unencryptedSites = [];
+            for (var i = 0; i < encryptedSites.length; i++) {
+                unencryptedSites.push(_service.decryptSite(encryptedSites[i]));
+            }
+
+            return unencryptedSites;
+        };
+
+        _service.decryptSite = function (encryptedSite) {
+            if (!encryptedSite) throw "encryptedSite is undefined or null";
+
+            var site = {
+                id: encryptedSite.Id,
+                'type': 1,
+                folderId: encryptedSite.FolderId,
+                favorite: encryptedSite.Favorite,
+                name: cryptoService.decrypt(encryptedSite.Name),
+                uri: encryptedSite.Uri && encryptedSite.Uri !== '' ? cryptoService.decrypt(encryptedSite.Uri) : null,
+                username: encryptedSite.Username && encryptedSite.Username !== '' ? cryptoService.decrypt(encryptedSite.Username) : null,
+                password: encryptedSite.Password && encryptedSite.Password !== '' ? cryptoService.decrypt(encryptedSite.Password) : null,
+                notes: encryptedSite.Notes && encryptedSite.Notes !== '' ? cryptoService.decrypt(encryptedSite.Notes) : null
+            };
+
+            if (encryptedSite.Folder) {
+                site.folder = {
+                    name: cryptoService.decrypt(encryptedSite.Folder.Name)
+                };
+            }
+
+            return site;
+        };
+
+        _service.decryptFolders = function (encryptedFolders) {
+            if (!encryptedFolders) throw "encryptedFolders is undefined or null";
+
+            var unencryptedFolders = [];
+            for (var i = 0; i < encryptedFolders.length; i++) {
+                unencryptedFolders.push(_service.decryptFolder(encryptedFolders[i]));
+            }
+
+            return unencryptedFolders;
+        };
+
+        _service.decryptFolder = function (encryptedFolder) {
+            if (!encryptedFolder) throw "encryptedFolder is undefined or null";
+
+            return {
+                id: encryptedFolder.Id,
+                'type': 0,
+                name: cryptoService.decrypt(encryptedFolder.Name)
+            };
+        };
+
+        _service.encryptSites = function (unencryptedSites, key) {
+            if (!unencryptedSites) throw "unencryptedSites is undefined or null";
+
+            var encryptedSites = [];
+            for (var i = 0; i < unencryptedSites.length; i++) {
+                encryptedSites.push(_service.encryptSite(unencryptedSites[i], key));
+            }
+
+            return encryptedSites;
+        };
+
+        _service.encryptSite = function (unencryptedSite, key) {
+            if (!unencryptedSite) throw "unencryptedSite is undefined or null";
+
+            return {
+                id: unencryptedSite.id,
+                'type': 1,
+                folderId: unencryptedSite.folderId === '' ? null : unencryptedSite.folderId,
+                favorite: unencryptedSite.favorite !== null ? unencryptedSite.favorite : false,
+                uri: !unencryptedSite.uri || unencryptedSite.uri === '' ? null : cryptoService.encrypt(unencryptedSite.uri, key),
+                name: cryptoService.encrypt(unencryptedSite.name, key),
+                username: !unencryptedSite.username || unencryptedSite.username === '' ? null : cryptoService.encrypt(unencryptedSite.username, key),
+                password: !unencryptedSite.password || unencryptedSite.password === '' ? null : cryptoService.encrypt(unencryptedSite.password, key),
+                notes: !unencryptedSite.notes || unencryptedSite.notes === '' ? null : cryptoService.encrypt(unencryptedSite.notes, key)
+            };
+        };
+
+        _service.encryptFolders = function (unencryptedFolders, key) {
+            if (!unencryptedFolders) throw "unencryptedFolders is undefined or null";
+
+            var encryptedFolders = [];
+            for (var i = 0; i < unencryptedFolders.length; i++) {
+                encryptedFolders.push(_service.encryptFolder(unencryptedFolders[i], key));
+            }
+
+            return encryptedFolders;
+        };
+
+        _service.encryptFolder = function (unencryptedFolder, key) {
+            if (!unencryptedFolder) throw "unencryptedFolder is undefined or null";
+
+            return {
+                id: unencryptedFolder.id,
+                'type': 0,
+                name: cryptoService.encrypt(unencryptedFolder.name, key)
+            };
+        };
+
+        return _service;
+    });

src/Web/wwwroot/app/services/cryptoService.js

@@ -0,0 +1,114 @@
+angular
+    .module('bit.services')
+
+    .factory('cryptoService', function ($sessionStorage) {
+        var _service = {},
+            _key,
+            _b64Key,
+            _aes;
+
+        sjcl.beware["CBC mode is dangerous because it doesn't protect message integrity."]();
+
+        _service.setKey = function (key) {
+            _key = key;
+            $sessionStorage.key = sjcl.codec.base64.fromBits(key);
+        };
+
+        _service.getKey = function (b64) {
+            if (b64 && b64 === true && _b64Key) {
+                return _b64Key;
+            }
+            else if (!b64 && _key) {
+                return _key;
+            }
+
+            if ($sessionStorage.key) {
+                _key = sjcl.codec.base64.toBits($sessionStorage.key);
+            }
+
+            if (b64 && b64 === true) {
+                _b64Key = sjcl.codec.base64.fromBits(_key);
+                return _b64Key;
+            }
+
+            return _key;
+        };
+
+        _service.clearKey = function () {
+            _key = _b64Key = _aes = null;
+            delete $sessionStorage.key;
+        };
+
+        _service.makeKey = function (password, salt, b64) {
+            var key = sjcl.misc.pbkdf2(password, salt, 5000, 256, null);
+
+            if (b64 && b64 === true) {
+                return sjcl.codec.base64.fromBits(key);
+            }
+
+            return key;
+        };
+
+        _service.hashPassword = function (password, key) {
+            if (!key) {
+                key = _service.getKey();
+            }
+
+            if (!password || !key) {
+                throw 'Invalid parameters.';
+            }
+
+            var hashBits = sjcl.misc.pbkdf2(key, password, 1, 256, null);
+            return sjcl.codec.base64.fromBits(hashBits);
+        };
+
+        _service.getAes = function () {
+            if (!_aes && _service.getKey()) {
+                _aes = new sjcl.cipher.aes(_service.getKey());
+            }
+
+            return _aes;
+        };
+
+        _service.encrypt = function (plaintextValue, key) {
+            if (!_service.getKey() && !key) {
+                throw 'Encryption key unavailable.';
+            }
+
+            if (!key) {
+                key = _service.getKey();
+            }
+
+            var response = {};
+            var params = {
+                mode: "cbc",
+                iv: sjcl.random.randomWords(4, 10)
+            };
+
+            var ctJson = sjcl.encrypt(key, plaintextValue, params, response);
+
+            var ct = ctJson.match(/"ct":"([^"]*)"/)[1];
+            var iv = sjcl.codec.base64.fromBits(response.iv);
+
+            return iv + "|" + ct;
+        };
+
+        _service.decrypt = function (encValue) {
+            if (!_service.getAes()) {
+                throw 'AES encryption unavailable.';
+            }
+
+            var encPieces = encValue.split('|');
+            if (encPieces.length !== 2) {
+                return '';
+            }
+
+            var ivBits = sjcl.codec.base64.toBits(encPieces[0]);
+            var ctBits = sjcl.codec.base64.toBits(encPieces[1]);
+
+            var decBits = sjcl.mode.cbc.decrypt(_service.getAes(), ctBits, ivBits, null);
+            return sjcl.codec.utf8String.fromBits(decBits);
+        };
+
+        return _service;
+    });

src/Web/wwwroot/app/services/importService.js

@@ -0,0 +1,784 @@
+angular
+    .module('bit.services')
+
+    .factory('importService', function () {
+        var _service = {};
+
+        _service.import = function (source, file, success, error) {
+            if (!file) {
+                error();
+                return;
+            }
+
+            switch (source) {
+                case 'local':
+                    importLocal(file, success, error);
+                    break;
+                case 'lastpass':
+                    importLastPass(file, success, error);
+                    break;
+                case 'safeincloudcsv':
+                    importSafeInCloudCsv(file, success, error);
+                    break;
+                case 'safeincloudxml':
+                    importSafeInCloudXml(file, success, error);
+                    break;
+                case 'keypassxml':
+                    importKeyPassXml(file, success, error);
+                    break;
+                case 'padlockcsv':
+                    importPadlockCsv(file, success, error);
+                    break;
+                case '1password1pif':
+                    import1Password1Pif(file, success, error);
+                    break;
+                case 'chromecsv':
+                    importChromeCsv(file, success, error);
+                    break;
+                case 'firefoxpasswordexportercsvxml':
+                    importFirefoxPasswordExporterCsvXml(file, success, error);
+                    break;
+                case 'upmcsv':
+                    importUpmCsv(file, success, error);
+                    break;
+                default:
+                    error();
+                    break;
+            }
+        };
+
+        function trimUri(uri) {
+            if (uri.length > 1000) {
+                return uri.substring(0, 1000);
+            }
+
+            return uri;
+        }
+
+        function parseCsvErrors(results) {
+            if (results.errors && results.errors.length) {
+                for (var i = 0; i < results.errors.length; i++) {
+                    console.warn('Error parsing row ' + results.errors[i].row + ': ' + results.errors[i].message);
+                }
+            }
+        }
+
+        function importLocal(file, success, error) {
+            Papa.parse(file, {
+                header: true,
+                encoding: 'UTF-8',
+                complete: function (results) {
+                    parseCsvErrors(results);
+
+                    var folders = [],
+                        sites = [],
+                        folderRelationships = [];
+
+                    angular.forEach(results.data, function (value, key) {
+                        var folderIndex = folders.length,
+                            siteIndex = sites.length,
+                            hasFolder = value.folder && value.folder !== '',
+                            addFolder = hasFolder;
+
+                        if (hasFolder) {
+                            for (var i = 0; i < folders.length; i++) {
+                                if (folders[i].name === value.folder) {
+                                    addFolder = false;
+                                    folderIndex = i;
+                                    break;
+                                }
+                            }
+                        }
+
+                        sites.push({
+                            favorite: value.favorite !== null ? value.favorite : false,
+                            uri: value.uri && value.uri !== '' ? trimUri(value.uri) : null,
+                            username: value.username && value.username !== '' ? value.username : null,
+                            password: value.password && value.password !== '' ? value.password : null,
+                            notes: value.notes && value.notes !== '' ? value.notes : null,
+                            name: value.name && value.name !== '' ? value.name : '--',
+                        });
+
+                        if (addFolder) {
+                            folders.push({
+                                name: value.folder
+                            });
+                        }
+
+                        if (hasFolder) {
+                            var relationship = {
+                                key: siteIndex,
+                                value: folderIndex
+                            };
+                            folderRelationships.push(relationship);
+                        }
+                    });
+
+                    success(folders, sites, folderRelationships);
+                }
+            });
+        }
+
+        function importLastPass(file, success, error) {
+            if (file.type === 'text/html') {
+                var reader = new FileReader();
+                reader.readAsText(file, 'utf-8');
+                reader.onload = function (evt) {
+                    var doc = $(evt.target.result);
+                    var pre = doc.find('pre');
+                    var csv, results;
+
+                    if (pre.length === 1) {
+                        csv = pre.text().trim();
+                        results = Papa.parse(csv, {
+                            header: true,
+                            encoding: 'UTF-8'
+                        });
+                        parseData(results.data);
+                    }
+                    else {
+                        var foundPre = false;
+                        for (var i = 0; i < doc.length; i++) {
+                            if (doc[i].tagName.toLowerCase() === 'pre') {
+                                foundPre = true;
+                                csv = doc[i].outerText.trim();
+                                results = Papa.parse(csv, {
+                                    header: true,
+                                    encoding: 'UTF-8'
+                                });
+                                parseData(results.data);
+                                break;
+                            }
+                        }
+
+                        if (!foundPre) {
+                            error();
+                        }
+                    }
+                };
+
+                reader.onerror = function (evt) {
+                    error();
+                };
+            }
+            else {
+                Papa.parse(file, {
+                    header: true,
+                    encoding: 'UTF-8',
+                    complete: function (results) {
+                        parseCsvErrors(results);
+                        parseData(results.data);
+                    }
+                });
+            }
+
+            function parseData(data) {
+                var folders = [],
+                    sites = [],
+                    siteRelationships = [],
+                    badDataSites = 0;
+
+                angular.forEach(data, function (value, key) {
+                    var folderIndex = folders.length,
+                        siteIndex = sites.length,
+                        hasFolder = value.grouping && value.grouping !== '' && value.grouping !== '(none)',
+                        addFolder = hasFolder;
+
+                    if (hasFolder) {
+                        for (var i = 0; i < folders.length; i++) {
+                            if (folders[i].name === value.grouping) {
+                                addFolder = false;
+                                folderIndex = i;
+                                break;
+                            }
+                        }
+                    }
+
+                    if ((!value.name || value.name === '') && (!value.password || value.password === '')) {
+                        badDataSites++;
+                    }
+
+                    sites.push({
+                        favorite: value.fav === '1',
+                        uri: value.url && value.url !== '' ? trimUri(value.url) : null,
+                        username: value.username && value.username !== '' ? value.username : null,
+                        password: value.password && value.password !== '' ? value.password : null,
+                        notes: value.extra && value.extra !== '' ? value.extra : null,
+                        name: value.name && value.name !== '' ? value.name : '--',
+                    });
+
+                    if (addFolder) {
+                        folders.push({
+                            name: value.grouping
+                        });
+                    }
+
+                    if (hasFolder) {
+                        var relationship = {
+                            key: siteIndex,
+                            value: folderIndex
+                        };
+                        siteRelationships.push(relationship);
+                    }
+                });
+
+                if (badDataSites && badDataSites > (data.length / 2)) {
+                    error('CSV data is not formatted correctly from LastPass. Please check your import file and try again.');
+                }
+                else {
+                    success(folders, sites, siteRelationships);
+                }
+            }
+        }
+
+        function importSafeInCloudCsv(file, success, error) {
+            Papa.parse(file, {
+                header: true,
+                encoding: 'UTF-8',
+                complete: function (results) {
+                    parseCsvErrors(results);
+
+                    var folders = [],
+                        sites = [],
+                        siteRelationships = [];
+
+                    angular.forEach(results.data, function (value, key) {
+                        sites.push({
+                            favorite: false,
+                            uri: value.URL && value.URL !== '' ? trimUri(value.URL) : null,
+                            username: value.Login && value.Login !== '' ? value.Login : null,
+                            password: value.Password && value.Password !== '' ? value.Password : null,
+                            notes: value.Notes && value.Notes !== '' ? value.Notes : null,
+                            name: value.Title && value.Title !== '' ? value.Title : '--',
+                        });
+                    });
+
+                    success(folders, sites, siteRelationships);
+                }
+            });
+        }
+
+        function importSafeInCloudXml(file, success, error) {
+            var folders = [],
+                sites = [],
+                siteRelationships = [],
+                foldersIndex = [];
+
+            var i = 0,
+                j = 0;
+
+            var reader = new FileReader();
+            reader.readAsText(file, 'utf-8');
+            reader.onload = function (evt) {
+                var xmlDoc = $.parseXML(evt.target.result),
+                    xml = $(xmlDoc);
+
+                var db = xml.find('database');
+                if (db.length) {
+                    var labels = db.find('> label');
+                    if (labels.length) {
+                        for (i = 0; i < labels.length; i++) {
+                            var label = $(labels[i]);
+                            foldersIndex[label.attr('id')] = folders.length;
+                            folders.push({
+                                name: label.attr('name')
+                            });
+                        }
+                    }
+
+                    var cards = db.find('> card');
+                    if (cards.length) {
+                        for (i = 0; i < cards.length; i++) {
+                            var card = $(cards[i]);
+                            if (card.attr('template') === 'true') {
+                                continue;
+                            }
+
+                            var site = {
+                                favorite: false,
+                                uri: null,
+                                username: null,
+                                password: null,
+                                notes: null,
+                                name: card.attr('title'),
+                            };
+
+                            var fields = card.find('> field');
+                            for (j = 0; j < fields.length; j++) {
+                                var field = $(fields[j]);
+
+                                var text = field.text();
+                                var type = field.attr('type');
+
+                                if (text && text !== '') {
+                                    if (type === 'login') {
+                                        site.username = text;
+                                    }
+                                    else if (type === 'password') {
+                                        site.password = text;
+                                    }
+                                    else if (type === 'notes') {
+                                        site.notes = text;
+                                    }
+                                    else if (type === 'website') {
+                                        site.uri = trimUri(text);
+                                    }
+                                }
+                            }
+
+                            sites.push(site);
+
+                            labels = card.find('> label_id');
+                            if (labels.length) {
+                                var labelId = $(labels[0]).text();
+                                var folderIndex = foldersIndex[labelId];
+                                if (labelId !== null && labelId !== '' && folderIndex !== null) {
+                                    siteRelationships.push({
+                                        key: sites.length - 1,
+                                        value: folderIndex
+                                    });
+                                }
+                            }
+                        }
+                    }
+
+                    success(folders, sites, siteRelationships);
+                }
+                else {
+                    error();
+                }
+            };
+
+            reader.onerror = function (evt) {
+                error();
+            };
+        }
+
+        function importPadlockCsv(file, success, error) {
+            Papa.parse(file, {
+                encoding: 'UTF-8',
+                complete: function (results) {
+                    parseCsvErrors(results);
+
+                    var folders = [],
+                        sites = [],
+                        folderRelationships = [];
+
+                    var customFieldHeaders = [];
+
+                    // CSV index ref: 0 = name, 1 = category, 2 = username, 3 = password, 4+ = custom fields
+
+                    var i = 0,
+                        j = 0;
+
+                    for (i = 0; i < results.data.length; i++) {
+                        var value = results.data[i];
+                        if (i === 0) {
+                            // header row
+                            for (j = 4; j < value.length; j++) {
+                                customFieldHeaders.push(value[j]);
+                            }
+
+                            continue;
+                        }
+
+                        var folderIndex = folders.length,
+                            siteIndex = sites.length,
+                            hasFolder = value[1] && value[1] !== '',
+                            addFolder = hasFolder;
+
+                        if (hasFolder) {
+                            for (j = 0; j < folders.length; j++) {
+                                if (folders[j].name === value[1]) {
+                                    addFolder = false;
+                                    folderIndex = j;
+                                    break;
+                                }
+                            }
+                        }
+
+                        var site = {
+                            favorite: false,
+                            uri: null,
+                            username: value[2] && value[2] !== '' ? value[2] : null,
+                            password: value[3] && value[3] !== '' ? value[3] : null,
+                            notes: null,
+                            name: value[0] && value[0] !== '' ? value[0] : '--',
+                        };
+
+                        if (customFieldHeaders.length) {
+                            for (j = 4; j < value.length; j++) {
+                                var cf = value[j];
+                                if (!cf || cf === '') {
+                                    continue;
+                                }
+
+                                var cfHeader = customFieldHeaders[j - 4];
+                                if (cfHeader.toLowerCase() === 'url' || cfHeader.toLowerCase() === 'uri') {
+                                    site.uri = trimUri(cf);
+                                }
+                                else {
+                                    if (site.notes === null) {
+                                        site.notes = '';
+                                    }
+
+                                    site.notes += cfHeader + ': ' + cf + '\n';
+                                }
+                            }
+                        }
+
+                        sites.push(site);
+
+                        if (addFolder) {
+                            folders.push({
+                                name: value[1]
+                            });
+                        }
+
+                        if (hasFolder) {
+                            folderRelationships.push({
+                                key: siteIndex,
+                                value: folderIndex
+                            });
+                        }
+                    }
+
+                    success(folders, sites, folderRelationships);
+                }
+            });
+        }
+
+        function importKeyPassXml(file, success, error) {
+            var folders = [],
+                sites = [],
+                siteRelationships = [];
+
+            var reader = new FileReader();
+            reader.readAsText(file, 'utf-8');
+            reader.onload = function (evt) {
+                var xmlDoc = $.parseXML(evt.target.result),
+                    xml = $(xmlDoc);
+
+                var root = xml.find('Root');
+                if (root.length) {
+                    var group = root.find('> Group');
+                    if (group.length) {
+                        traverse($(group[0]), true, '');
+                        success(folders, sites, siteRelationships);
+                    }
+                }
+                else {
+                    error();
+                }
+            };
+
+            reader.onerror = function (evt) {
+                error();
+            };
+
+            function traverse(node, isRootNode, groupNamePrefix) {
+                var nodeEntries = [];
+                var folderIndex = folders.length;
+                var groupName = groupNamePrefix;
+
+                if (!isRootNode) {
+                    if (groupName !== '') {
+                        groupName += ' > ';
+                    }
+                    groupName += node.find('> Name').text();
+                    folders.push({
+                        name: groupName
+                    });
+                }
+
+                var entries = node.find('> Entry');
+                if (entries.length) {
+                    for (var i = 0; i < entries.length; i++) {
+                        var entry = $(entries[i]);
+                        var siteIndex = sites.length;
+                        var site = {
+                            favorite: false,
+                            uri: null,
+                            username: null,
+                            password: null,
+                            notes: null,
+                            name: null
+                        };
+
+                        var entryStrings = entry.find('> String');
+                        for (var j = 0; j < entryStrings.length; j++) {
+                            var entryString = $(entryStrings[j]);
+
+                            var key = entryString.find('> Key').text();
+                            var value = entryString.find('> Value').text();
+                            if (value === '') {
+                                continue;
+                            }
+
+                            switch (key) {
+                                case 'URL':
+                                    site.uri = trimUri(value);
+                                    break;
+                                case 'UserName':
+                                    site.username = value;
+                                    break;
+                                case 'Password':
+                                    site.password = value;
+                                    break;
+                                case 'Title':
+                                    site.name = value;
+                                    break;
+                                case 'Notes':
+                                    site.notes = site.notes === null ? value + '\n' : site.notes + value + '\n';
+                                    break;
+                                default:
+                                    // other custom fields
+                                    site.notes = site.notes === null ? key + ': ' + value + '\n'
+                                        : site.notes + key + ': ' + value + '\n';
+                                    break;
+                            }
+                        }
+
+                        if (site.name === null) {
+                            site.name = '--';
+                        }
+
+                        sites.push(site);
+
+                        if (!isRootNode) {
+                            siteRelationships.push({
+                                key: siteIndex,
+                                value: folderIndex
+                            });
+                        }
+                    }
+                }
+
+                var groups = node.find('> Group');
+                if (groups.length) {
+                    for (var k = 0; k < groups.length; k++) {
+                        traverse($(groups[k]), false, groupName);
+                    }
+                }
+            }
+        }
+
+        function import1Password1Pif(file, success, error) {
+            var folders = [],
+                sites = [],
+                siteRelationships = [];
+
+            var i = 0,
+                j = 0;
+
+            var reader = new FileReader();
+            reader.readAsText(file, 'utf-8');
+            reader.onload = function (evt) {
+                var fileContent = evt.target.result;
+                var fileLines = fileContent.split(/(?:\r\n|\r|\n)/);
+
+                for (i = 0; i < fileLines.length; i++) {
+                    var line = fileLines[i];
+                    if (!line.length || line[0] !== '{') {
+                        continue;
+                    }
+
+                    var item = JSON.parse(line);
+                    if (item.typeName !== 'webforms.WebForm') {
+                        continue;
+                    }
+
+                    var site = {
+                        favorite: item.openContents && item.openContents.faveIndex ? true : false,
+                        uri: item.location && item.location !== '' ? trimUri(item.location) : null,
+                        username: null,
+                        password: null,
+                        notes: null,
+                        name: item.title && item.title !== '' ? item.title : '--',
+                    };
+
+                    if (item.secureContents) {
+                        if (item.secureContents.notesPlain && item.secureContents.notesPlain !== '') {
+                            site.notes = item.secureContents.notesPlain;
+                        }
+
+                        if (item.secureContents.fields) {
+                            for (j = 0; j < item.secureContents.fields.length; j++) {
+                                var field = item.secureContents.fields[j];
+                                if (field.designation === 'username') {
+                                    site.username = field.value;
+                                }
+                                else if (field.designation === 'password') {
+                                    site.password = field.value;
+                                }
+                                else {
+                                    if (site.notes === null) {
+                                        site.notes = '';
+                                    }
+                                    else {
+                                        site.notes += '\n';
+                                    }
+
+                                    site.notes += (field.name + ': ' + field.value + '\n');
+                                }
+                            }
+                        }
+                    }
+
+                    sites.push(site);
+                }
+
+                success(folders, sites, siteRelationships);
+            };
+
+            reader.onerror = function (evt) {
+                error();
+            };
+        }
+
+        function importChromeCsv(file, success, error) {
+            Papa.parse(file, {
+                header: true,
+                encoding: 'UTF-8',
+                complete: function (results) {
+                    parseCsvErrors(results);
+
+                    var folders = [],
+                        sites = [],
+                        siteRelationships = [];
+
+                    angular.forEach(results.data, function (value, key) {
+                        sites.push({
+                            favorite: false,
+                            uri: value.url && value.url !== '' ? trimUri(value.url) : null,
+                            username: value.username && value.username !== '' ? value.username : null,
+                            password: value.password && value.password !== '' ? value.password : null,
+                            notes: null,
+                            name: value.name && value.name !== '' ? value.name : '--',
+                        });
+                    });
+
+                    success(folders, sites, siteRelationships);
+                }
+            });
+        }
+
+        function importFirefoxPasswordExporterCsvXml(file, success, error) {
+            var folders = [],
+                sites = [],
+                siteRelationships = [];
+
+            function getNameFromHost(host) {
+                var name = '--';
+                try {
+                    if (host && host !== '') {
+                        var parser = document.createElement('a');
+                        parser.href = host;
+                        if (parser.hostname) {
+                            name = parser.hostname;
+                        }
+                    }
+                }
+                catch (e) {
+                    // do nothing
+                }
+
+                return name;
+            }
+
+            if (file.type === 'text/xml') {
+                var reader = new FileReader();
+                reader.readAsText(file, 'utf-8');
+                reader.onload = function (evt) {
+                    var xmlDoc = $.parseXML(evt.target.result),
+                        xml = $(xmlDoc);
+
+                    var entries = xml.find('entry');
+                    for (var i = 0; i < entries.length; i++) {
+                        var entry = $(entries[i]);
+                        if (!entry) {
+                            continue;
+                        }
+
+                        var host = entry.attr('host'),
+                            user = entry.attr('user'),
+                            password = entry.attr('password');
+
+                        sites.push({
+                            favorite: false,
+                            uri: host && host !== '' ? trimUri(host) : null,
+                            username: user && user !== '' ? user : null,
+                            password: password && password !== '' ? password : null,
+                            notes: null,
+                            name: getNameFromHost(host),
+                        });
+                    }
+
+                    success(folders, sites, siteRelationships);
+                };
+
+                reader.onerror = function (evt) {
+                    error();
+                };
+            }
+            else {
+                // currently bugged due to the comment
+                // ref: https://github.com/mholt/PapaParse/issues/351
+
+                error('Only .xml exports are supported.');
+                return;
+
+                //Papa.parse(file, {
+                //    comments: '#',
+                //    header: true,
+                //    encoding: 'UTF-8',
+                //    complete: function (results) {
+                //        parseCsvErrors(results);
+
+                //        angular.forEach(results.data, function (value, key) {
+                //            sites.push({
+                //                favorite: false,
+                //                uri: value.hostname && value.hostname !== '' ? trimUri(value.hostname) : null,
+                //                username: value.username && value.username !== '' ? value.username : null,
+                //                password: value.password && value.password !== '' ? value.password : null,
+                //                notes: null,
+                //                name: getNameFromHost(value.hostname),
+                //            });
+                //        });
+
+                //        success(folders, sites, siteRelationships);
+                //    }
+                //});
+            }
+        }
+
+        function importUpmCsv(file, success, error) {
+            Papa.parse(file, {
+                encoding: 'UTF-8',
+                complete: function (results) {
+                    parseCsvErrors(results);
+
+                    var folders = [],
+                        sites = [],
+                        siteRelationships = [];
+
+                    angular.forEach(results.data, function (value, key) {
+                        if (value.length === 5) {
+                            sites.push({
+                                favorite: false,
+                                uri: value[3] && value[3] !== '' ? trimUri(value[3]) : null,
+                                username: value[1] && value[1] !== '' ? value[1] : null,
+                                password: value[2] && value[2] !== '' ? value[2] : null,
+                                notes: value[4] && value[4] !== '' ? value[4] : null,
+                                name: value[0] && value[0] !== '' ? value[0] : '--',
+                            });
+                        }
+                    });
+
+                    success(folders, sites, siteRelationships);
+                }
+            });
+        }
+
+        return _service;
+    });

src/Web/wwwroot/app/services/passwordService.js

@@ -0,0 +1,136 @@
+angular
+    .module('bit.services')
+
+    .factory('passwordService', function () {
+        var _service = {};
+
+        _service.generatePassword = function (options) {
+            var defaults = {
+                length: 10,
+                ambiguous: false,
+                number: true,
+                minNumber: 1,
+                uppercase: true,
+                minUppercase: 1,
+                lowercase: true,
+                minLowercase: 1,
+                special: false,
+                minSpecial: 1
+            };
+
+            // overload defaults with given options
+            var o = angular.extend({}, defaults, options);
+
+            // sanitize
+            if (o.uppercase && o.minUppercase < 0) o.minUppercase = 1;
+            if (o.lowercase && o.minLowercase < 0) o.minLowercase = 1;
+            if (o.number && o.minNumber < 0) o.minNumber = 1;
+            if (o.special && o.minSpecial < 0) o.minSpecial = 1;
+
+            if (!o.length || o.length < 1) o.length = 10;
+            var minLength = o.minUppercase + o.minLowercase + o.minNumber + o.minSpecial;
+            if (o.length < minLength) o.length = minLength;
+
+            var positions = [];
+            if (o.lowercase && o.minLowercase > 0) {
+                for (var i = 0; i < o.minLowercase; i++) {
+                    positions.push('l');
+                }
+            }
+            if (o.uppercase && o.minUppercase > 0) {
+                for (var j = 0; j < o.minUppercase; j++) {
+                    positions.push('u');
+                }
+            }
+            if (o.number && o.minNumber > 0) {
+                for (var k = 0; k < o.minNumber; k++) {
+                    positions.push('n');
+                }
+            }
+            if (o.special && o.minSpecial > 0) {
+                for (var l = 0; l < o.minSpecial; l++) {
+                    positions.push('s');
+                }
+            }
+            while (positions.length < o.length) {
+                positions.push('a');
+            }
+
+            // shuffle
+            positions.sort(function () {
+                return randomInt(0, 1) * 2 - 1;
+            });
+
+            // build out the char sets
+            var allCharSet = '';
+
+            var lowercaseCharSet = 'abcdefghijkmnopqrstuvwxyz';
+            if (o.ambiguous) lowercaseCharSet += 'l';
+            if (o.lowercase) allCharSet += lowercaseCharSet;
+
+            var uppercaseCharSet = 'ABCDEFGHIJKLMNPQRSTUVWXYZ';
+            if (o.ambiguous) uppercaseCharSet += 'O';
+            if (o.uppercase) allCharSet += uppercaseCharSet;
+
+            var numberCharSet = '23456789';
+            if (o.ambiguous) numberCharSet += '01';
+            if (o.number) allCharSet += numberCharSet;
+
+            var specialCharSet = '!@#$%^&*';
+            if (o.special) allCharSet += specialCharSet;
+
+            var password = '';
+            for (var m = 0; m < o.length; m++) {
+                var positionChars;
+                switch (positions[m]) {
+                    case 'l': positionChars = lowercaseCharSet; break;
+                    case 'u': positionChars = uppercaseCharSet; break;
+                    case 'n': positionChars = numberCharSet; break;
+                    case 's': positionChars = specialCharSet; break;
+                    case 'a': positionChars = allCharSet; break;
+                }
+
+                var randomCharIndex = randomInt(0, positionChars.length - 1);
+                password += positionChars.charAt(randomCharIndex);
+            }
+
+            return password;
+        };
+
+        // EFForg/OpenWireless
+        // ref https://github.com/EFForg/OpenWireless/blob/master/app/js/diceware.js
+        function randomInt(min, max) {
+            var rval = 0;
+            var range = max - min;
+
+            var bits_needed = Math.ceil(Math.log2(range));
+            if (bits_needed > 53) {
+                throw new Exception("We cannot generate numbers larger than 53 bits.");
+            }
+            var bytes_needed = Math.ceil(bits_needed / 8);
+            var mask = Math.pow(2, bits_needed) - 1;
+            // 7776 -> (2^13 = 8192) -1 == 8191 or 0x00001111 11111111
+
+            // Create byte array and fill with N random numbers
+            var byteArray = new Uint8Array(bytes_needed);
+            window.crypto.getRandomValues(byteArray);
+
+            var p = (bytes_needed - 1) * 8;
+            for (var i = 0; i < bytes_needed; i++) {
+                rval += byteArray[i] * Math.pow(2, p);
+                p -= 8;
+            }
+
+            // Use & to apply the mask and reduce the number of recursive lookups
+            rval = rval & mask;
+
+            if (rval >= range) {
+                // Integer out of acceptable range
+                return randomInt(min, max);
+            }
+            // Return an integer that falls within the range
+            return min + rval;
+        }
+
+        return _service;
+    });

src/Web/wwwroot/app/services/servicesModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.services', ['ngResource', 'ngStorage', 'angular-jwt']);

src/Web/wwwroot/app/services/tokenService.js

@@ -0,0 +1,27 @@
+angular
+    .module('bit.services')
+
+    .factory('tokenService', function ($sessionStorage) {
+        var _service = {},
+            _token;
+
+        _service.setToken = function (token) {
+            $sessionStorage.authBearer = token;
+            _token = token;
+        };
+
+        _service.getToken = function () {
+            if (!_token) {
+                _token = $sessionStorage.authBearer;
+            }
+
+            return _token;
+        };
+
+        _service.clearToken = function () {
+            _token = null;
+            delete $sessionStorage.authBearer;
+        };
+
+        return _service;
+    });

src/Web/wwwroot/app/services/validationService.js

@@ -0,0 +1,62 @@
+angular
+    .module('bit.services')
+
+    .factory('validationService', function () {
+        var _service = {};
+
+        _service.addErrors = function (form, reason) {
+            var data = reason.data;
+            var defaultErrorMessage = 'An unexpected error has occured.';
+            form.$errors = [];
+
+            if (!data || !angular.isObject(data)) {
+                form.$errors.push(defaultErrorMessage);
+                return;
+            }
+
+            if (!data.ValidationErrors) {
+                if (data.Message) {
+                    form.$errors.push(data.Message);
+                }
+                else {
+                    form.$errors.push(defaultErrorMessage);
+                }
+
+                return;
+            }
+
+            for (var key in data.ValidationErrors) {
+                if (!data.ValidationErrors.hasOwnProperty(key)) {
+                    continue;
+                }
+
+                for (var i = 0; i < data.ValidationErrors[key].length; i++) {
+                    _service.addError(form, key, data.ValidationErrors[key][i]);
+                }
+            }
+        };
+
+        _service.addError = function (form, key, errorMessage, clearExistingErrors) {
+            if (clearExistingErrors || !form.$errors) {
+                form.$errors = [];
+            }
+
+            var pushError = true;
+            for (var i = 0; i < form.$errors.length; i++) {
+                if (form.$errors[i] === errorMessage) {
+                    pushError = false;
+                    break;
+                }
+            }
+
+            if (pushError) {
+                form.$errors.push(errorMessage);
+            }
+
+            if (key && key !== '' && form[key] && form[key].$registerApiError) {
+                form[key].$registerApiError();
+            }
+        };
+
+        return _service;
+    });

src/Web/wwwroot/app/settings.js

@@ -0,0 +1,2 @@
+angular.module("bit")
+.constant("appSettings", {"rememberedEmailCookieName":"bit.rememberedEmail","version":"1.2.2","environment":"Development","apiUri":"http://localhost:4000"});

src/Web/wwwroot/app/settings/settingsChangeEmailController.js

@@ -0,0 +1,69 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsChangeEmailController', function ($scope, $state, apiService, $uibModalInstance, cryptoService, cipherService, authService, $q, toastr, $analytics) {
+        $analytics.eventTrack('settingsChangeEmailController', { category: 'Modal' });
+        var _masterPasswordHash,
+            _newMasterPasswordHash,
+            _newKey;
+
+        $scope.token = function (model) {
+            _masterPasswordHash = cryptoService.hashPassword(model.masterPassword);
+            var newEmail = model.newEmail.toLowerCase();
+
+            var request = {
+                newEmail: newEmail,
+                masterPasswordHash: _masterPasswordHash
+            };
+
+            $scope.tokenPromise = apiService.accounts.emailToken(request, function () {
+                _newKey = cryptoService.makeKey(model.masterPassword, newEmail);
+                _newMasterPasswordHash = cryptoService.hashPassword(model.masterPassword, _newKey);
+
+                $scope.tokenSent = true;
+            }).$promise;
+        };
+
+        $scope.confirm = function (model) {
+            $scope.processing = true;
+
+            var reencryptedSites = [];
+            var sitesPromise = apiService.sites.list({ dirty: false }, function (encryptedSites) {
+                var unencryptedSites = cipherService.decryptSites(encryptedSites.Data);
+                reencryptedSites = cipherService.encryptSites(unencryptedSites, _newKey);
+            }).$promise;
+
+            var reencryptedFolders = [];
+            var foldersPromise = apiService.folders.list({ dirty: false }, function (encryptedFolders) {
+                var unencryptedFolders = cipherService.decryptFolders(encryptedFolders.Data);
+                reencryptedFolders = cipherService.encryptFolders(unencryptedFolders, _newKey);
+            }).$promise;
+
+            $q.all([sitesPromise, foldersPromise]).then(function () {
+                var request = {
+                    token: model.token,
+                    newEmail: model.newEmail.toLowerCase(),
+                    masterPasswordHash: _masterPasswordHash,
+                    newMasterPasswordHash: _newMasterPasswordHash,
+                    ciphers: reencryptedSites.concat(reencryptedFolders)
+                };
+
+                $scope.confirmPromise = apiService.accounts.email(request, function () {
+                    $uibModalInstance.dismiss('cancel');
+                    $analytics.eventTrack('Changed Email');
+                    authService.logOut();
+                    $state.go('frontend.login.info').then(function () {
+                        toastr.success('Please log back in.', 'Email Changed');
+                    });
+                }, function () {
+                    // TODO: recovery mode
+                    $uibModalInstance.dismiss('cancel');
+                    toastr.error('Something went wrong.', 'Oh No!');
+                }).$promise;
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/settings/settingsChangePasswordController.js

@@ -0,0 +1,67 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsChangePasswordController', function ($scope, $state, apiService, $uibModalInstance,
+        cryptoService, authService, cipherService, validationService, $q, toastr, $analytics) {
+        $analytics.eventTrack('settingsChangePasswordController', { category: 'Modal' });
+        $scope.save = function (model, form) {
+            var error = false;
+
+            if ($scope.model.newMasterPassword.length < 8) {
+                validationService.addError(form, 'NewMasterPasswordHash',
+                    'Master password must be at least 8 characters long.', true);
+                error = true;
+            }
+            if ($scope.model.newMasterPassword !== $scope.model.confirmNewMasterPassword) {
+                validationService.addError(form, 'ConfirmNewMasterPasswordHash',
+                    'New master password confirmation does not match.', true);
+                error = true;
+            }
+
+            if (error) {
+                return;
+            }
+
+            $scope.processing = true;
+
+            var profile = authService.getUserProfile();
+            var newKey = cryptoService.makeKey(model.newMasterPassword, profile.email.toLowerCase());
+
+            var reencryptedSites = [];
+            var sitesPromise = apiService.sites.list({ dirty: false }, function (encryptedSites) {
+                var unencryptedSites = cipherService.decryptSites(encryptedSites.Data);
+                reencryptedSites = cipherService.encryptSites(unencryptedSites, newKey);
+            }).$promise;
+
+            var reencryptedFolders = [];
+            var foldersPromise = apiService.folders.list({ dirty: false }, function (encryptedFolders) {
+                var unencryptedFolders = cipherService.decryptFolders(encryptedFolders.Data);
+                reencryptedFolders = cipherService.encryptFolders(unencryptedFolders, newKey);
+            }).$promise;
+
+            $q.all([sitesPromise, foldersPromise]).then(function () {
+                var request = {
+                    masterPasswordHash: cryptoService.hashPassword(model.masterPassword),
+                    newMasterPasswordHash: cryptoService.hashPassword(model.newMasterPassword, newKey),
+                    ciphers: reencryptedSites.concat(reencryptedFolders)
+                };
+
+                $scope.savePromise = apiService.accounts.putPassword(request, function () {
+                    $uibModalInstance.dismiss('cancel');
+                    authService.logOut();
+                    $analytics.eventTrack('Changed Password');
+                    $state.go('frontend.login.info').then(function () {
+                        toastr.success('Please log back in.', 'Master Password Changed');
+                    });
+                }, function () {
+                    // TODO: recovery mode
+                    $uibModalInstance.dismiss('cancel');
+                    toastr.error('Something went wrong.', 'Oh No!');
+                }).$promise;
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/settings/settingsController.js

@@ -0,0 +1,85 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsController', function ($scope, $uibModal, apiService, toastr, authService) {
+        $scope.model = {};
+
+        apiService.accounts.getProfile({}, function (user) {
+            $scope.model = {
+                name: user.Name,
+                email: user.Email,
+                masterPasswordHint: user.MasterPasswordHint,
+                culture: user.Culture,
+                twoFactorEnabled: user.TwoFactorEnabled
+            };
+        });
+
+        $scope.save = function (model) {
+            $scope.savePromise = apiService.accounts.putProfile({}, model, function (profile) {
+                authService.setUserProfile(profile);
+                toastr.success('Account has been updated.', 'Success!');
+            }).$promise;
+        };
+
+        $scope.changePassword = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsChangePassword.html',
+                controller: 'settingsChangePasswordController'
+            });
+        };
+
+        $scope.$on('settingsChangePassword', function (event, args) {
+            $scope.changePassword();
+        });
+
+        $scope.changeEmail = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsChangeEmail.html',
+                controller: 'settingsChangeEmailController',
+                size: 'sm'
+            });
+        };
+
+        $scope.$on('settingsChangeEmail', function (event, args) {
+            $scope.changeEmail();
+        });
+
+        $scope.twoFactor = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsTwoFactor.html',
+                controller: 'settingsTwoFactorController'
+            });
+        };
+
+        $scope.$on('settingsTwoFactor', function (event, args) {
+            $scope.twoFactor();
+        });
+
+        $scope.sessions = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsSessions.html',
+                controller: 'settingsSessionsController'
+            });
+        };
+
+        $scope.$on('settingsSessions', function (event, args) {
+            $scope.sessions();
+        });
+
+        $scope.delete = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsDelete.html',
+                controller: 'settingsDeleteController',
+                size: 'sm'
+            });
+        };
+
+        $scope.$on('settingsDelete', function (event, args) {
+            $scope.delete();
+        });
+    });

src/Web/wwwroot/app/settings/settingsDeleteController.js

@@ -0,0 +1,24 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsDeleteController', function ($scope, $state, apiService, $uibModalInstance, cryptoService, authService, toastr, $analytics) {
+        $analytics.eventTrack('settingsDeleteController', { category: 'Modal' });
+        $scope.submit = function (model) {
+            var request = {
+                masterPasswordHash: cryptoService.hashPassword(model.masterPassword)
+            };
+
+            $scope.submitPromise = apiService.accounts.postDelete(request, function () {
+                $uibModalInstance.dismiss('cancel');
+                authService.logOut();
+                $analytics.eventTrack('Deleted Account');
+                $state.go('frontend.login.info').then(function () {
+                    toastr.success('Your account has been closed and all associated data has been deleted.', 'Account Deleted');
+                });
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/settings/settingsModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.settings', ['ui.bootstrap', 'toastr']);

src/Web/wwwroot/app/settings/settingsSessionsController.js

@@ -0,0 +1,24 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsSessionsController', function ($scope, $state, apiService, $uibModalInstance, cryptoService, authService, toastr, $analytics) {
+        $analytics.eventTrack('settingsSessionsController', { category: 'Modal' });
+        $scope.submit = function (model) {
+            var request = {
+                masterPasswordHash: cryptoService.hashPassword(model.masterPassword)
+            };
+
+            $scope.submitPromise = apiService.accounts.putSecurityStamp(request, function () {
+                $uibModalInstance.dismiss('cancel');
+                authService.logOut();
+                $analytics.eventTrack('Deauthorized Sessions');
+                $state.go('frontend.login.info').then(function () {
+                    toastr.success('Please log back in.', 'All Sessions Deauthorized');
+                });
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/settings/settingsTwoFactorController.js

@@ -0,0 +1,65 @@
+angular
+    .module('bit.settings')
+
+    .controller('settingsTwoFactorController', function ($scope, apiService, $uibModalInstance, cryptoService, authService, $q, toastr, $analytics) {
+        $analytics.eventTrack('settingsTwoFactorController', { category: 'Modal' });
+        var _issuer = 'bitwarden',
+            _profile = authService.getUserProfile(),
+            _masterPasswordHash;
+
+        $scope.account = _profile.email;
+        $scope.enabled = function () {
+            return _profile.extended && _profile.extended.twoFactorEnabled;
+        };
+
+        $scope.auth = function (model) {
+            _masterPasswordHash = cryptoService.hashPassword(model.masterPassword);
+
+            $scope.authPromise = apiService.accounts.getTwoFactor({
+                masterPasswordHash: _masterPasswordHash,
+                provider: 0 /* Only authenticator provider for now. */
+            }, function (response) {
+                var key = response.AuthenticatorKey;
+                $scope.twoFactorModel = {
+                    enabled: response.TwoFactorEnabled,
+                    key: key.replace(/(.{4})/g, '$1 ').trim(),
+                    qr: 'https://chart.googleapis.com/chart?chs=120x120&chld=L|0&cht=qr&chl=otpauth://totp/' +
+                        _issuer + ':' + encodeURIComponent(_profile.email) +
+                        '%3Fsecret=' + encodeURIComponent(key) +
+                        '%26issuer=' + _issuer
+                };
+            }).$promise;
+        };
+
+        $scope.update = function (model) {
+            var currentlyEnabled = $scope.twoFactorModel.enabled;
+            if (currentlyEnabled && !confirm('Are you sure you want to disable two-step login?')) {
+                return;
+            }
+
+            var request = {
+                enabled: !currentlyEnabled,
+                token: model ? model.token : null,
+                masterPasswordHash: _masterPasswordHash
+            };
+
+            $scope.updatePromise = apiService.accounts.putTwoFactor({}, request, function (response) {
+                if (response.TwoFactorEnabled) {
+                    $analytics.eventTrack('Enabled Two-step Login');
+                    toastr.success('Two-step login has been enabled.');
+                    if (_profile.extended) _profile.extended.twoFactorEnabled = true;
+                }
+                else {
+                    $analytics.eventTrack('Disabled Two-step Login');
+                    toastr.success('Two-step login has been disabled.');
+                    if (_profile.extended) _profile.extended.twoFactorEnabled = false;
+                }
+
+                $scope.close();
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/settings/views/settings.html

@@ -0,0 +1,60 @@
+<section class="content-header">
+    <h1>
+        Settings
+        <small>manage your account</small>
+    </h1>
+</section>
+<section class="content">
+    <div class="box box-default">
+        <div class="box-header with-border">
+            <h3 class="box-title">General</h3>
+        </div>
+        <form role="form" name="profileForm" ng-submit="profileForm.$valid && save(model)" api-form="savePromise">
+            <div class="box-body">
+                <div class="row">
+                    <div class="col-sm-9">
+                        <div class="callout callout-danger validation-errors" ng-show="profileForm.$errors">
+                            <h4>Errors have occured</h4>
+                            <ul>
+                                <li ng-repeat="e in profileForm.$errors">{{e}}</li>
+                            </ul>
+                        </div>
+                        <div class="form-group" show-errors>
+                            <label for="name">Name</label>
+                            <input type="text" id="name" name="Name" ng-model="model.name" class="form-control"
+                                   required api-field />
+                        </div>
+                        <div class="form-group">
+                            <label for="email">Email - <a href="javascript:void(0)" ng-click="changeEmail()">change</a></label>
+                            <input type="text" id="email" ng-model="model.email" class="form-control" readonly />
+                        </div>
+                        <div class="form-group" show-errors>
+                            <label for="hint">Master Password Hint</label>
+                            <input type="text" id="hint" name="MasterPasswordHint" ng-model="model.masterPasswordHint"
+                                   class="form-control" api-field />
+                        </div>
+                        <div class="form-group" show-errors>
+                            <label for="culture">Language/Culture</label>
+                            <select id="culture" name="Culture" ng-model="model.culture" class="form-control" api-field>
+                                <option value="en-US">English (US)</option>
+                            </select>
+                        </div>
+                    </div>
+                    <div class="col-sm-3 settings-photo">
+                        <a href="http://www.gravatar.com/" target="_blank">
+                            <img src="//www.gravatar.com/avatar/{{ main.userProfile.email | gravatar }}.jpg?s=150&d=mm"
+                                 class="img-rounded img-responsive" alt="User Image">
+                        </a>
+                        <a href="http://www.gravatar.com/" target="_blank" class="btn btn-link"
+                           analytics-on="click" analytics-event="Clicked Update Photo">Update Photo</a>
+                    </div>
+                </div>
+            </div>
+            <div class="box-footer">
+                <button type="submit" class="btn btn-primary btn-flat" ng-disabled="profileForm.$loading">
+                    <i class="fa fa-refresh fa-spin loading-icon" ng-show="profileForm.$loading"></i>Save
+                </button>
+            </div>
+        </form>
+    </div>
+</section>

src/Web/wwwroot/app/settings/views/settingsChangeEmail.html

@@ -0,0 +1,54 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="changeEmailModelLabel"><i class="fa fa-at"></i> Change Email</h4>
+</div>
+<form name="changeEmailForm" ng-submit="changeEmailForm.$valid && token(model)" api-form="tokenPromise" ng-show="!tokenSent && !processing">
+    <div class="modal-body">
+        <p>Below you can change your account's email address.</p>
+        <div class="callout callout-danger validation-errors" ng-show="changeEmailForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in changeEmailForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="model.masterPassword" class="form-control"
+                   required api-field />
+        </div>
+        <div class="form-group" show-errors>
+            <label for="newEmail">New Email</label>
+            <input type="email" id="newEmail" name="NewEmail" ng-model="model.newEmail" class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="changeEmailForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="changeEmailForm.$loading"></i>Submit
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<form name="changeEmailConfirmForm" ng-submit="changeEmailConfirmForm.$valid && confirm(model)" api-form="confirmPromise"
+      ng-show="tokenSent && !processing">
+    <div class="modal-body">
+        <p>We have emailed a verification code to <b>{{model.newEmail}}</b>. Please check your email for this code and enter it below to finalize your the email address change.</p>
+        <div class="callout callout-warning">
+            <h4><i class="fa fa-warning"></i> Warning</h4>
+            Proceeding will log you out of your current session, requiring you to log back in.
+        </div>
+        <div class="form-group" show-errors>
+            <label for="token">Code</label>
+            <input type="number" id="token" name="Token" ng-model="model.token" class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat">
+            Change Email
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<div ng-show="processing" class="modal-body text-center">
+    <p><i class="fa fa-cog fa-spin fa-3x"></i></p>
+    <p>Please wait. We are now changing your email and reencrypting all of your data. Do not close this window. You will be automatically logged out when this process has finished.</p>
+</div>

src/Web/wwwroot/app/settings/views/settingsChangePassword.html

@@ -0,0 +1,46 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="changePasswrdModelLabel"><i class="fa fa-key"></i> Change Password</h4>
+</div>
+<form name="changePasswordForm" ng-submit="changePasswordForm.$valid && save(model, changePasswordForm)" api-form="savePromise" ng-show="!processing">
+    <div class="modal-body">
+        <p>Below you can change your account's master password.</p>
+        <p>We recommend that you change your master password immediately if you believe that your credentials have been compromised.</p>
+        <div class="callout callout-warning">
+            <h4><i class="fa fa-warning"></i> Warning</h4>
+            Proceeding will log you out of your current session, requiring you to log back in.
+        </div>
+        <div class="callout callout-danger validation-errors" ng-show="changePasswordForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in changePasswordForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Current Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="model.masterPassword" class="form-control"
+                   required api-field />
+        </div>
+        <hr />
+        <div class="form-group" show-errors>
+            <label for="newMasterPassword">New Master Password</label>
+            <input type="password" id="newMasterPassword" name="NewMasterPasswordHash" ng-model="model.newMasterPassword" class="form-control"
+                   required api-field />
+        </div>
+        <div class="form-group" show-errors>
+            <label for="confirmNewMasterPassword">Confirm New Master Password</label>
+            <input type="password" id="confirmNewMasterPassword" name="ConfirmNewMasterPasswordHash" ng-model="model.confirmNewMasterPassword"
+                   class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat">
+            Change Password
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<div ng-show="processing" class="modal-body text-center">
+    <p><i class="fa fa-cog fa-spin fa-3x"></i></p>
+    <p>Please wait. We are now changing your password and reencrypting all of your data. Do not close this window. You will be automatically logged out when this process has finished.</p>
+</div>

src/Web/wwwroot/app/settings/views/settingsDelete.html

@@ -0,0 +1,30 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="deleteAccountModelLabel"><i class="fa fa-trash"></i> Delete Account</h4>
+</div>
+<form name="deleteAccountForm" ng-submit="deleteAccountForm.$valid && submit(model)" api-form="submitPromise">
+    <div class="modal-body">
+        <p>Continue below to delete your account and all associated data.</p>
+        <div class="callout callout-warning">
+            <h4><i class="fa fa-warning"></i> Warning</h4>
+            Deleting your account is permanent. It cannot be undone.
+        </div>
+        <div class="callout callout-danger validation-errors" ng-show="deleteAccountForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in deleteAccountForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="model.masterPassword" class="form-control"
+                   required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="deleteAccountForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="deleteAccountForm.$loading"></i>Delete
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/settings/views/settingsSessions.html

@@ -0,0 +1,32 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="logoutSessionsModelLabel"><i class="fa fa-ban"></i> Deauthorize Sessions</h4>
+</div>
+<form name="logoutSessionsForm" ng-submit="logoutSessionsForm.$valid && submit(model)" api-form="submitPromise">
+    <div class="modal-body">
+        <p>Concerned your account is logged in on another device?</p>
+        <p>Proceed below to deauthorize all computers or devices that you have previously used.</p>
+        <p>This security step is recommended if you previously used a public PC or accidentally saved your password on a device that isn't yours.</p>
+        <div class="callout callout-warning">
+            <h4><i class="fa fa-warning"></i> Warning</h4>
+            Proceeding will log you out of your current session as well, requiring you to log back in.
+        </div>
+        <div class="callout callout-danger validation-errors" ng-show="logoutSessionsForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in logoutSessionsForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="model.masterPassword" class="form-control"
+                   required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="logoutSessionsForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="logoutSessionsForm.$loading"></i>Deauthorize
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/settings/views/settingsTwoFactor.html

@@ -0,0 +1,82 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="twoFactorModelLabel"><i class="fa fa-key"></i> Two-step Login</h4>
+</div>
+<form name="authTwoStepForm" ng-submit="authTwoStepForm.$valid && auth(authModel)" api-form="authPromise" ng-if="!twoFactorModel">
+    <div class="modal-body">
+        <p>Current Status: <span class="label bg-green" ng-show="enabled()">ENABLED</span><span class="label bg-gray" ng-show="!enabled()">DISABLED</span></p>
+        <p>Two-step login helps keep your account more secure by requiring a code provided by an app on your mobile device while logging in (in addition to your master password).</p>
+        <p ng-show="enabled()">Two-step login is already enabled on your account. To access your two-step settings enter your master password below.</p>
+        <p ng-show="!enabled()">To get started with two-step login enter your master password below.</p>
+        <div class="callout callout-danger validation-errors" ng-show="authTwoStepForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in authTwoStepForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="authModel.masterPassword" class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="authTwoStepForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="authTwoStepForm.$loading"></i>Continue
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<form name="updateTwoStepForm" ng-submit="updateTwoStepForm.$valid && update(updateModel)" api-form="updatePromise" ng-if="twoFactorModel">
+    <div class="modal-body">
+        <div ng-show="enabled()">
+            <p>Two-step login is enabled on your account. Below is the code required by your verification app.</p>
+            <p>Need a two-step verification app? Download one of the following:</p>
+        </div>
+        <div ng-show="!enabled()">
+            <p>Setting up two-step verification is easy, just follow these steps:</p>
+            <h4>1. Download a two-step verification app</h4>
+        </div>
+        <ul class="fa-ul">
+            <li><i class="fa-li fa fa-apple"></i> iOS devices: <a href="https://itunes.apple.com/en/app/authy/id494168017" target="_blank">Authy for iOS</a></li>
+            <li><i class="fa-li fa fa-android"></i> Android devices: <a href="https://play.google.com/store/apps/details?id=com.authy.authy" target="_blank">Authy for Android</a></li>
+            <li><i class="fa-li fa fa-windows"></i> Windows devices: <a href="https://www.microsoft.com/en-us/store/apps/authenticator/9wzdncrfj3rj" target="_blank">Microsoft Authenticator </a></li>
+        </ul>
+        <hr ng-show="enabled()" />
+        <h4 ng-show="!enabled()" style="margin-top: 30px;">2. Scan this QR code with your verification app</h4>
+        <div class="row">
+            <div class="col-md-4 text-center">
+                <p><img ng-src="{{twoFactorModel.qr}}" alt="QR" class="img-thumbnail" /></p>
+            </div>
+            <div class="col-sm-8">
+                <p><strong>Can't scan the code?</strong> You can add the code to your application manually using the following details:</p>
+                <ul class="list-unstyled">
+                    <li><strong>Key:</strong> <samp>{{twoFactorModel.key}}</samp></li>
+                    <li><strong>Account:</strong> {{account}}</li>
+                    <li><strong>Time based:</strong> Yes</li>
+                </ul>
+            </div>
+        </div>
+        <div ng-show="!enabled()">
+            <div class="callout callout-danger validation-errors" ng-show="updateTwoStepForm.$errors">
+                <h4>Errors have occured</h4>
+                <ul>
+                    <li ng-repeat="e in updateTwoStepForm.$errors">{{e}}</li>
+                </ul>
+            </div>
+            <h4 style="margin-top: 30px;">3. Enter the resulting verification code from the app</h4>
+            <div class="form-group" show-errors ng-show="!twoFactorModel.enabled">
+                <label for="token" class="sr-only">Verification Code</label>
+                <input type="number" id="token" name="Token" placeholder="Verification Code" ng-model="updateModel.token" class="form-control" ng-required="!twoFactorModel.enabled" api-field />
+            </div>
+            <p>NOTE: After enabling two-step login, you will be required to enter the current code generated by your verification app each time you log in.</p>
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="updateTwoStepForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="updateTwoStepForm.$loading"></i>
+            <span ng-show="twoFactorModel.enabled">Disable Two-step</span>
+            <span ng-show="!twoFactorModel.enabled">Enable Two-step</span>
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/tools/toolsAuditsController.js

@@ -0,0 +1,9 @@
+angular
+    .module('bit.tools')
+
+    .controller('toolsAuditsController', function ($scope, apiService, $uibModalInstance, toastr, $analytics) {
+        $analytics.eventTrack('toolsAuditsController', { category: 'Modal' });
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/tools/toolsController.js

@@ -0,0 +1,42 @@
+angular
+    .module('bit.tools')
+
+    .controller('toolsController', function ($scope, $uibModal, apiService, toastr, authService) {
+        $scope.import = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/tools/views/toolsImport.html',
+                controller: 'toolsImportController',
+                size: 'sm'
+            });
+        };
+
+        $scope.$on('toolsImport', function (event, args) {
+            $scope.import();
+        });
+
+        $scope.export = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/tools/views/toolsExport.html',
+                controller: 'toolsExportController',
+                size: 'sm'
+            });
+        };
+
+        $scope.$on('toolsExport', function (event, args) {
+            $scope.export();
+        });
+
+        $scope.audits = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/tools/views/toolsAudits.html',
+                controller: 'toolsAuditsController'
+            });
+        };
+
+        $scope.$on('toolsAudits', function (event, args) {
+            $scope.audits();
+        });
+    });

src/Web/wwwroot/app/tools/toolsExportController.js

@@ -0,0 +1,73 @@
+angular
+    .module('bit.tools')
+
+    .controller('toolsExportController', function ($scope, apiService, authService, $uibModalInstance, cryptoService, cipherService, $q, toastr, $analytics) {
+        $analytics.eventTrack('toolsExportController', { category: 'Modal' });
+        $scope.export = function (model) {
+            $scope.startedExport = true;
+            apiService.sites.list({ expand: ['folder'] }, function (sites) {
+                try {
+                    var decSites = cipherService.decryptSites(sites.Data);
+
+                    var exportSites = [];
+                    for (var i = 0; i < decSites.length; i++) {
+                        var site = {
+                            name: decSites[i].name,
+                            uri: decSites[i].uri,
+                            username: decSites[i].username,
+                            password: decSites[i].password,
+                            notes: decSites[i].notes,
+                            folder: decSites[i].folder ? decSites[i].folder.name : null
+                        };
+
+                        exportSites.push(site);
+                    }
+
+                    var csvString = Papa.unparse(exportSites);
+                    var csvBlob = new Blob([csvString]);
+                    if (window.navigator.msSaveOrOpenBlob) { // IE hack. ref http://msdn.microsoft.com/en-us/library/ie/hh779016.aspx
+                        window.navigator.msSaveBlob(csvBlob, makeFileName());
+                    }
+                    else {
+                        var a = window.document.createElement('a');
+                        a.href = window.URL.createObjectURL(csvBlob, { type: 'text/plain' });
+                        a.download = makeFileName();
+                        document.body.appendChild(a);
+                        a.click(); // IE: "Access is denied". ref: https://connect.microsoft.com/IE/feedback/details/797361/ie-10-treats-blob-url-as-cross-origin-and-denies-access
+                        document.body.removeChild(a);
+                    }
+
+                    $analytics.eventTrack('Exported Data');
+                    toastr.success('Your data has been exported. Check your browser\'s downloads folder.', 'Success!');
+                    $scope.close();
+                }
+                catch (err) {
+                    toastr.error('Something went wrong. Please try again.', 'Error!');
+                    $scope.close();
+                }
+            }, function () {
+                toastr.error('Something went wrong. Please try again.', 'Error!');
+                $scope.close();
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+
+        function makeFileName() {
+            var now = new Date();
+            var dateString =
+                now.getFullYear() + '' + padNumber(now.getMonth() + 1, 2) + '' + padNumber(now.getDate(), 2) +
+                padNumber(now.getHours(), 2) + '' + padNumber(now.getMinutes(), 2) +
+                padNumber(now.getSeconds(), 2);
+
+            return 'bitwarden_export_' + dateString + '.csv';
+        }
+
+        function padNumber(number, width, paddingCharacter) {
+            paddingCharacter = paddingCharacter || '0';
+            number = number + '';
+            return number.length >= width ? number : new Array(width - number.length + 1).join(paddingCharacter) + number;
+        }
+    });

src/Web/wwwroot/app/tools/toolsImportController.js

@@ -0,0 +1,73 @@
+angular
+    .module('bit.tools')
+
+    .controller('toolsImportController', function ($scope, $state, apiService, $uibModalInstance, cryptoService, cipherService, toastr, importService, $analytics) {
+        $analytics.eventTrack('toolsImportController', { category: 'Modal' });
+        $scope.model = { source: 'local' };
+
+        $scope.import = function (model) {
+            $scope.processing = true;
+            var file = document.getElementById('file').files[0];
+            importService.import(model.source, file, importSuccess, importError);
+        };
+
+        function importSuccess(folders, sites, folderRelationships) {
+            if (!folders.length && !sites.length) {
+                $uibModalInstance.dismiss('cancel');
+                toastr.error('Nothing was imported.');
+                return;
+            }
+
+            apiService.ciphers.import({
+                folders: cipherService.encryptFolders(folders, cryptoService.getKey()),
+                sites: cipherService.encryptSites(sites, cryptoService.getKey()),
+                folderRelationships: folderRelationships
+            }, function () {
+                $uibModalInstance.dismiss('cancel');
+                $state.go('backend.vault').then(function () {
+                    $analytics.eventTrack('Imported Data', { label: $scope.model.source });
+                    toastr.success('Data has been successfully imported into your vault.', 'Import Success');
+                });
+            }, importError);
+        }
+
+        function importError(error) {
+            $analytics.eventTrack('Import Data Failed', { label: $scope.model.source });
+            $uibModalInstance.dismiss('cancel');
+
+            if (error) {
+                var data = error.data;
+                if (data && data.ValidationErrors) {
+                    var message = '';
+                    for (var key in data.ValidationErrors) {
+                        if (!data.ValidationErrors.hasOwnProperty(key)) {
+                            continue;
+                        }
+
+                        for (var i = 0; i < data.ValidationErrors[key].length; i++) {
+                            message += (key + ': ' + data.ValidationErrors[key][i] + ' ');
+                        }
+                    }
+
+                    if (message !== '') {
+                        toastr.error(message);
+                        return;
+                    }
+                }
+                else if (data && data.Message) {
+                    toastr.error(data.Message);
+                    return;
+                }
+                else {
+                    toastr.error(error);
+                    return;
+                }
+            }
+
+            toastr.error('Something went wrong. Try again.', 'Oh No!');
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/tools/toolsModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.tools', ['ui.bootstrap', 'toastr']);

src/Web/wwwroot/app/tools/views/tools.html

@@ -0,0 +1,9 @@
+<section class="content-header">
+    <h1>
+        Tools
+        <small>helpful utilities</small>
+    </h1>
+</section>
+<section class="content">
+    Several tools are available in the menu to the left. More tools coming soon...
+</section>

src/Web/wwwroot/app/tools/views/toolsAudits.html

@@ -0,0 +1,10 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="auditsModelLabel"><i class="fa fa-search"></i> Audits</h4>
+</div>
+<div class="modal-body">
+    Coming soon...
+</div>
+<div class="modal-footer">
+    <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+</div>

src/Web/wwwroot/app/tools/views/toolsExport.html

@@ -0,0 +1,28 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="exportModelLabel"><i class="fa fa-cloud-download"></i> Export</h4>
+</div>
+<form name="exportForm" ng-submit="exportForm.$valid && export(model)" api-form="exportPromise" ng-show="!startedExport">
+    <div class="modal-body">
+        <p>Export all of your vault data in <code>.csv</code> format. Enter your master password to continue.</p>
+        <div class="callout callout-danger validation-errors" ng-show="exportForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in exportForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="masterPassword">Master Password</label>
+            <input type="password" id="masterPassword" name="MasterPasswordHash" ng-model="model.masterPassword" class="form-control"
+                   master-password required api-field ng-model-options="{ 'updateOn': 'blur'}" />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat">Export</button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<div class="modal-body text-center" ng-show="startedExport">
+    <p><i class="fa fa-cog fa-spin fa-3x"></i></p>
+    <p>Please wait. We are now exporting all of your data to a <code>.csv</code> file.</p>
+</div>

src/Web/wwwroot/app/tools/views/toolsImport.html

@@ -0,0 +1,37 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="importModelLabel"><i class="fa fa-cloud-upload"></i> Import</h4>
+</div>
+<form name="importForm" ng-submit="importForm.$valid && import(model)" ng-show="!processing">
+    <div class="modal-body">
+        <div class="form-group">
+            <label for="source">Source</label>
+            <select id="source" name="source" class="form-control" ng-model="model.source">
+                <option value="local">bitwarden (csv)</option>
+                <option value="lastpass">LastPass (csv)</option>
+                <option value="chromecsv">Chrome (csv)</option>
+                <option value="firefoxpasswordexportercsvxml">Firefox Password Exporter (xml)</option>
+                <option value="safeincloudxml">SafeInCloud (xml)</option>
+                <option value="safeincloudcsv">SafeInCloud (csv)</option>
+                <option value="keypassxml">KeyPass (xml)</option>
+                <option value="padlockcsv">Padlock (csv)</option>
+                <option value="1password1pif">1Password (1pif)</option>
+                <option value="upmcsv">Universal Password Manager (csv)</option>
+            </select>
+        </div>
+        <div class="form-group">
+            <label for="file">File</label>
+            <input type="file" id="file" name="file" required />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat">
+            Import
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
+<div ng-show="processing" class="modal-body text-center">
+    <p><i class="fa fa-cog fa-spin fa-3x"></i></p>
+    <p>Please wait. We are now importing all of your data. Do not close this window. You will be redirected to your vault when the import has completed.</p>
+</div>

src/Web/wwwroot/app/vault/vaultAddFolderController.js

@@ -0,0 +1,19 @@
+angular
+    .module('bit.vault')
+
+    .controller('vaultAddFolderController', function ($scope, apiService, $uibModalInstance, cryptoService, cipherService, $analytics) {
+        $analytics.eventTrack('vaultAddFolderController', { category: 'Modal' });
+        $scope.savePromise = null;
+        $scope.save = function (model) {
+            var folder = cipherService.encryptFolder(model);
+            $scope.savePromise = apiService.folders.post(folder, function (response) {
+                $analytics.eventTrack('Created Folder');
+                var decFolder = cipherService.decryptFolder(response);
+                $uibModalInstance.close(decFolder);
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+    });

src/Web/wwwroot/app/vault/vaultAddSiteController.js

@@ -0,0 +1,54 @@
+angular
+    .module('bit.vault')
+
+    .controller('vaultAddSiteController', function ($scope, apiService, $uibModalInstance, cryptoService, cipherService, passwordService, folders, selectedFolder, $analytics) {
+        $analytics.eventTrack('vaultAddSiteController', { category: 'Modal' });
+        $scope.folders = folders;
+        $scope.site = {
+            folderId: selectedFolder ? selectedFolder.id : null
+        };
+
+        $scope.savePromise = null;
+        $scope.save = function (model) {
+            var site = cipherService.encryptSite(model);
+            $scope.savePromise = apiService.sites.post(site, function (siteResponse) {
+                $analytics.eventTrack('Created Site');
+                var decSite = cipherService.decryptSite(siteResponse);
+                $uibModalInstance.close(decSite);
+            }).$promise;
+        };
+
+        $scope.generatePassword = function () {
+            if (!$scope.site.password || confirm('Are you sure you want to overwrite the current password?')) {
+                $analytics.eventTrack('Generated Password From Add');
+                $scope.site.password = passwordService.generatePassword({ length: 10, special: true });
+            }
+        };
+
+        $scope.clipboardSuccess = function (e) {
+            e.clearSelection();
+            selectPassword(e);
+        };
+
+        $scope.clipboardError = function (e, password) {
+            if (password) {
+                selectPassword(e);
+            }
+            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
+        };
+
+        $scope.folderSort = function (item) {
+            return item.name.toLowerCase();
+        };
+
+        function selectPassword(e) {
+            var target = $(e.trigger).parent().prev();
+            if (target.attr('type') === 'text') {
+                target.select();
+            }
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+    });

src/Web/wwwroot/app/vault/vaultController.js

@@ -0,0 +1,193 @@
+angular
+    .module('bit.vault')
+
+    .controller('vaultController', function ($scope, $uibModal, apiService, $filter, cryptoService, authService, toastr, cipherService) {
+        $scope.sites = [];
+        $scope.folders = [];
+
+        $scope.loadingSites = true;
+        apiService.sites.list({}, function (sites) {
+            $scope.loadingSites = false;
+
+            var decSites = [];
+            for (var i = 0; i < sites.Data.length; i++) {
+                var decSite = {
+                    id: sites.Data[i].Id,
+                    folderId: sites.Data[i].FolderId,
+                    favorite: sites.Data[i].Favorite
+                };
+
+                try { decSite.name = cryptoService.decrypt(sites.Data[i].Name); }
+                catch (err) { decSite.name = '[error: cannot decrypt]'; }
+
+                if (sites.Data[i].Username) {
+                    try { decSite.username = cryptoService.decrypt(sites.Data[i].Username); }
+                    catch (err) { decSite.username = '[error: cannot decrypt]'; }
+                }
+
+                decSites.push(decSite);
+            }
+
+            $scope.sites = decSites;
+        }, function () {
+            $scope.loadingSites = false;
+        });
+
+        $scope.loadingFolders = true;
+        apiService.folders.list({}, function (folders) {
+            $scope.loadingFolders = false;
+
+            var decFolders = [{
+                id: null,
+                name: '(none)'
+            }];
+
+            for (var i = 0; i < folders.Data.length; i++) {
+                var decFolder = {
+                    id: folders.Data[i].Id
+                };
+
+                try { decFolder.name = cryptoService.decrypt(folders.Data[i].Name); }
+                catch (err) { decFolder.name = '[error: cannot decrypt]'; }
+
+                decFolders.push(decFolder);
+            }
+
+            $scope.folders = decFolders;
+        }, function () {
+            $scope.loadingFolders = false;
+        });
+
+        $scope.folderSort = function (item) {
+            if (!item.id) {
+                return '';
+            }
+
+            return item.name.toLowerCase();
+        };
+
+        $scope.editSite = function (site) {
+            var editModel = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/vault/views/vaultEditSite.html',
+                controller: 'vaultEditSiteController',
+                resolve: {
+                    siteId: function () { return site.id; },
+                    folders: function () { return $scope.folders; }
+                }
+            });
+
+            editModel.result.then(function (returnVal) {
+                if (returnVal.action === 'edit') {
+                    var siteToUpdate = $filter('filter')($scope.sites, { id: returnVal.data.id }, true);
+
+                    if (siteToUpdate && siteToUpdate.length > 0) {
+                        siteToUpdate[0].folderId = returnVal.data.folderId;
+                        siteToUpdate[0].name = returnVal.data.name;
+                        siteToUpdate[0].username = returnVal.data.username;
+                        siteToUpdate[0].favorite = returnVal.data.favorite;
+                    }
+                }
+                else if (returnVal.action === 'delete') {
+                    var siteToDelete = $filter('filter')($scope.sites, { id: returnVal.data }, true);
+                    if (siteToDelete && siteToDelete.length > 0) {
+                        var index = $scope.sites.indexOf(siteToDelete[0]);
+                        if (index > -1) {
+                            $scope.sites.splice(index, 1);
+                        }
+                    }
+                }
+            });
+        };
+
+        $scope.$on('vaultAddSite', function (event, args) {
+            $scope.addSite();
+        });
+
+        $scope.addSite = function (folder) {
+            var addModel = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/vault/views/vaultAddSite.html',
+                controller: 'vaultAddSiteController',
+                resolve: {
+                    folders: function () { return $scope.folders; },
+                    selectedFolder: function () { return folder; }
+                }
+            });
+
+            addModel.result.then(function (addedSite) {
+                $scope.sites.push(addedSite);
+            });
+        };
+
+        $scope.deleteSite = function (site) {
+            if (!confirm('Are you sure you want to delete this site (' + site.name + ')?')) {
+                return;
+            }
+
+            apiService.sites.del({ id: site.id }, function () {
+                var index = $scope.sites.indexOf(site);
+                if (index > -1) {
+                    $scope.sites.splice(index, 1);
+                }
+            });
+        };
+
+        $scope.editFolder = function (folder) {
+            var editModel = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/vault/views/vaultEditFolder.html',
+                controller: 'vaultEditFolderController',
+                size: 'sm',
+                resolve: {
+                    folderId: function () { return folder.id; }
+                }
+            });
+
+            editModel.result.then(function (editedFolder) {
+                var folder = $filter('filter')($scope.folders, { id: editedFolder.id }, true);
+                if (folder && folder.length > 0) {
+                    folder[0].name = editedFolder.name;
+                }
+            });
+        };
+
+        $scope.$on('vaultAddFolder', function (event, args) {
+            $scope.addFolder();
+        });
+
+        $scope.addFolder = function () {
+            var addModel = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/vault/views/vaultAddFolder.html',
+                controller: 'vaultAddFolderController',
+                size: 'sm'
+            });
+
+            addModel.result.then(function (addedFolder) {
+                $scope.folders.push(addedFolder);
+            });
+        };
+
+        $scope.deleteFolder = function (folder) {
+            if (!confirm('Are you sure you want to delete this folder (' + folder.name + ')?')) {
+                return;
+            }
+
+            apiService.folders.del({ id: folder.id }, function () {
+                var index = $scope.folders.indexOf(folder);
+                if (index > -1) {
+                    $scope.folders.splice(index, 1);
+                }
+            });
+        };
+
+        $scope.canDeleteFolder = function (folder) {
+            if (!folder || !folder.id) {
+                return false;
+            }
+
+            var sites = $filter('filter')($scope.sites, { folderId: folder.id });
+            return sites.length === 0;
+        };
+    });

src/Web/wwwroot/app/vault/vaultEditFolderController.js

@@ -0,0 +1,25 @@
+angular
+    .module('bit.vault')
+
+    .controller('vaultEditFolderController', function ($scope, apiService, $uibModalInstance, cryptoService, cipherService, folderId, $analytics) {
+        $analytics.eventTrack('vaultEditFolderController', { category: 'Modal' });
+        $scope.folder = {};
+
+        apiService.folders.get({ id: folderId }, function (folder) {
+            $scope.folder = cipherService.decryptFolder(folder);
+        });
+
+        $scope.savePromise = null;
+        $scope.save = function (model) {
+            var folder = cipherService.encryptFolder(model);
+            $scope.savePromise = apiService.folders.put({ id: folderId }, folder, function (response) {
+                $analytics.eventTrack('Edited Folder');
+                var decFolder = cipherService.decryptFolder(response);
+                $uibModalInstance.close(decFolder);
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/vault/vaultEditSiteController.js

@@ -0,0 +1,71 @@
+angular
+    .module('bit.vault')
+
+    .controller('vaultEditSiteController', function ($scope, apiService, $uibModalInstance, cryptoService, cipherService, passwordService, siteId, folders, $analytics) {
+        $analytics.eventTrack('vaultEditSiteController', { category: 'Modal' });
+        $scope.folders = folders;
+        $scope.site = {};
+
+        apiService.sites.get({ id: siteId }, function (site) {
+            $scope.site = cipherService.decryptSite(site);
+        });
+
+        $scope.save = function (model) {
+            var site = cipherService.encryptSite(model);
+            $scope.savePromise = apiService.sites.put({ id: siteId }, site, function (siteResponse) {
+                $analytics.eventTrack('Edited Site');
+                var decSite = cipherService.decryptSite(siteResponse);
+                $uibModalInstance.close({
+                    action: 'edit',
+                    data: decSite
+                });
+            }).$promise;
+        };
+
+        $scope.generatePassword = function () {
+            if (!$scope.site.password || confirm('Are you sure you want to overwrite the current password?')) {
+                $analytics.eventTrack('Generated Password From Edit');
+                $scope.site.password = passwordService.generatePassword({ length: 10, special: true });
+            }
+        };
+
+        $scope.clipboardSuccess = function (e) {
+            e.clearSelection();
+            selectPassword(e);
+        };
+
+        $scope.clipboardError = function (e, password) {
+            if (password) {
+                selectPassword(e);
+            }
+            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
+        };
+
+        $scope.folderSort = function (item) {
+            return item.name.toLowerCase();
+        };
+
+        function selectPassword(e) {
+            var target = $(e.trigger).parent().prev();
+            if (target.attr('type') === 'text') {
+                target.select();
+            }
+        }
+
+        $scope.delete = function () {
+            if (!confirm('Are you sure you want to delete this site (' + $scope.site.name + ')?')) {
+                return;
+            }
+
+            apiService.sites.del({ id: $scope.site.id }, function () {
+                $uibModalInstance.close({
+                    action: 'delete',
+                    data: $scope.site.id
+                });
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });

src/Web/wwwroot/app/vault/vaultModule.js

@@ -0,0 +1,2 @@
+angular
+    .module('bit.vault', ['ui.bootstrap', 'ngclipboard']);

src/Web/wwwroot/app/vault/views/vault.html

@@ -0,0 +1,60 @@
+<section class="content-header">
+    <h1>
+        My Vault
+        <small>safe and secure</small>
+    </h1>
+</section>
+<section class="content">
+    <div ng-show="loadingFolders && !folders.length">
+        <p>Loading...</p>
+    </div>
+    <div class="box" ng-repeat="folder in folders | orderBy: folderSort" ng-show="folders.length">
+        <div class="box-header with-border">
+            <h3 class="box-title"><i class="fa fa-folder-open"></i> {{folder.name}}</h3>
+            <div class="box-tools pull-right">
+                <button type="button" class="btn btn-box-tool" ng-click="addSite(folder)" uib-tooltip="Add Site">
+                    <i class="fa fa-plus"></i>
+                </button>
+                <button type="button" class="btn btn-box-tool" ng-click="deleteFolder(folder)" ng-show="canDeleteFolder(folder)" uib-tooltip="Delete">
+                    <i class="fa fa-trash"></i>
+                </button>
+                <button type="button" class="btn btn-box-tool" ng-click="editFolder(folder)" ng-show="folder.id" uib-tooltip="Edit">
+                    <i class="fa fa-pencil"></i>
+                </button>
+                <button type="button" class="btn btn-box-tool" data-widget="collapse" uib-tooltip="Collapse">
+                    <i class="fa fa-minus"></i>
+                </button>
+            </div>
+        </div>
+        <div class="box-body" ng-class="{'no-padding': folderSites.length}">
+            <div ng-show="loadingSites && !folderSites.length">
+                <p>Loading sites...</p>
+            </div>
+            <div ng-show="!loadingSites && !folderSites.length">
+                <p>No sites in this folder.</p>
+                <button type="button" ng-click="addSite(folder)" class="btn btn-default btn-flat">Add a Site</button>
+            </div>
+            <div class="table-responsive" ng-show="folderSites.length">
+                <table class="table table-striped table-hover">
+                    <thead>
+                        <tr>
+                            <th style="width: 75px; min-width: 75px;"></th>
+                            <th>Site</th>
+                            <th style="width: 300px;">Username</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr ng-repeat="site in folderSites = (sites | filter: { folderId: folder.id } | filter: (main.searchVaultText || '') | orderBy: ['name', 'username'])">
+                            <td>
+                                <button type="button" ng-click="deleteSite(site)" class="btn btn-link btn-table" uib-tooltip="Delete"><i class="fa fa-lg fa-trash"></i></button>
+                                <button type="button" ng-click="editSite(site)" class="btn btn-link btn-table" uib-tooltip="View/Edit"><i class="fa fa-lg fa-pencil"></i></button>
+                            </td>
+                            <td>{{site.name}} <i class="fa fa-star text-muted" uib-tooltip="Favorite" ng-show="site.favorite"></i></td>
+                            <td>{{site.username}}</td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        </div>
+    </div>
+</section>

src/Web/wwwroot/app/vault/views/vaultAddFolder.html

@@ -0,0 +1,24 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="addFolderModelLabel"><i class="fa fa-folder"></i> Add New Folder</h4>
+</div>
+<form name="addFolderForm" ng-submit="addFolderForm.$valid && save(folder)" api-form="savePromise">
+    <div class="modal-body">
+        <div class="callout callout-danger validation-errors" ng-show="addFolderForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in addFolderForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="name">Name</label>
+            <input type="text" id="name" name="Name" ng-model="folder.name" class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="addFolderForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="addFolderForm.$loading"></i>Submit
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/vault/views/vaultAddSite.html

@@ -0,0 +1,98 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="addSiteModelLabel"><i class="fa fa-globe"></i> Add New Site</h4>
+</div>
+<form name="addSiteForm" ng-submit="addSiteForm.$valid && save(site)" api-form="savePromise">
+    <div class="modal-body">
+        <div class="callout callout-danger validation-errors" ng-show="addSiteForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in addSiteForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="uri">URI</label>
+            <div class="input-group">
+                <input type="text" id="uri" ng-model="site.uri" name="Uri" class="form-control" placeholder="http://..." api-field />
+                <span class="input-group-btn" uib-tooltip="Copy URI" tooltip-placement="left">
+                    <button tabindex="-1" class="btn btn-default btn-flat" type="button" ngclipboard
+                            ngclipboard-error="clipboardError(e)"
+                            data-clipboard-target="#uri">
+                        <i class="fa fa-clipboard"></i>
+                    </button>
+                </span>
+            </div>
+        </div>
+        <div class="row">
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="name">Name</label>
+                    <input type="text" id="name" name="Name" ng-model="site.name" class="form-control" required api-field />
+                </div>
+            </div>
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="folder">Folder</label>
+                    <select id="folder" name="FolderId" ng-model="site.folderId" class="form-control" api-field>
+                        <option ng-repeat="folder in folders | orderBy: folderSort" value="{{folder.id}}">{{folder.name}}</option>
+                    </select>
+                </div>
+            </div>
+        </div>
+        <div class="row">
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="username">Username</label>
+                    <div class="input-group">
+                        <input type="text" id="username" name="Username" ng-model="site.username" class="form-control" api-field />
+                        <span class="input-group-btn" uib-tooltip="Copy Username" tooltip-placement="left">
+                            <button tabindex="-1" class="btn btn-default btn-flat" type="button" ngclipboard
+                                    ngclipboard-error="clipboardError(e)"
+                                    data-clipboard-target="#username">
+                                <i class="fa fa-clipboard"></i>
+                            </button>
+                        </span>
+                    </div>
+                </div>
+            </div>
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <div class="pull-right password-options">
+                        <i class="fa fa-lg fa-refresh" uib-tooltip="Generate Password" tooltip-placement="left" ng-click="generatePassword()"></i>
+                        <i class="fa fa-lg fa-eye" uib-tooltip="Toggle Password" tooltip-placement="left" password-viewer="#password"></i>
+                    </div>
+                    <label for="password">Password</label>
+                    <div class="input-group">
+                        <input tabindex="-1" type="text" id="password-text" value="{{site.password}}" style="margin-left: -9999px;" />
+                        <input type="password" id="password" name="Password" ng-model="site.password" class="form-control" api-field />
+                        <span class="input-group-btn" uib-tooltip="Copy Password" tooltip-placement="left">
+                            <button tabindex="-1" class="btn btn-default btn-flat" type="button" ngclipboard
+                                    ngclipboard-success="clipboardSuccess(e)"
+                                    ngclipboard-error="clipboardError(e, true)"
+                                    data-clipboard-target="#password-text">
+                                <i class="fa fa-clipboard"></i>
+                            </button>
+                        </span>
+                    </div>
+                </div>
+                <div style="margin: -10px 0 15px 0;" password-meter="site.password" password-meter-username="site.username" outer-class="xs"></div>
+            </div>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="notes">Notes</label>
+            <textarea id="notes" name="Notes" class="form-control" ng-model="site.notes" api-field></textarea>
+        </div>
+        <div class="checkbox">
+            <label>
+                <input type="checkbox" ng-model="site.favorite" name="Favorite" />
+                Favorite
+            </label>
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="addSiteForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="addSiteForm.$loading"></i>Submit
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/vault/views/vaultEditFolder.html

@@ -0,0 +1,24 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="editFolderModelLabel"><i class="fa fa-folder"></i> Edit Folder <small>{{folder.name}}</small></h4>
+</div>
+<form name="editFolderForm" ng-submit="editFolderForm.$valid && save(folder)" api-form="savePromise">
+    <div class="modal-body">
+        <div class="callout callout-danger validation-errors" ng-show="editFolderForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in editFolderForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="name">Name</label>
+            <input type="text" id="name" name="Name" ng-model="folder.name" class="form-control" required api-field />
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="editFolderForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="editFolderForm.$loading"></i>Save
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>

src/Web/wwwroot/app/vault/views/vaultEditSite.html

@@ -0,0 +1,104 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title" id="editSiteModelLabel"><i class="fa fa-globe"></i> Site Information <small>{{site.name}}</small></h4>
+</div>
+<form name="editSiteForm" ng-submit="editSiteForm.$valid && save(site)" api-form="savePromise">
+    <div class="modal-body">
+        <div class="callout callout-danger validation-errors" ng-show="editSiteForm.$errors">
+            <h4>Errors have occured</h4>
+            <ul>
+                <li ng-repeat="e in editSiteForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="uri">URI</label>
+            <div class="input-group">
+                <input type="text" id="uri" name="Uri" ng-model="site.uri" class="form-control" placeholder="http://..." api-field />
+                <span class="input-group-btn">
+                    <button tabindex="-1" class="btn btn-default btn-flat" type="button" uib-tooltip="Copy URI" tooltip-placement="left" ngclipboard
+                            ngclipboard-error="clipboardError(e)"
+                            data-clipboard-target="#uri">
+                        <i class="fa fa-clipboard"></i>
+                    </button>
+                    <a href="{{site.uri}}" target="_blank" class="btn btn-default btn-flat" uib-tooltip="Go To Site" tooltip-placement="left">
+                        <i class="fa fa-share"></i>
+                    </a>
+                </span>
+            </div>
+        </div>
+        <div class="row">
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="name">Name</label>
+                    <input type="text" id="name" name="Name" ng-model="site.name" class="form-control" required api-field />
+                </div>
+            </div>
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="folder">Folder</label>
+                    <select id="folder" name="FolderId" ng-model="site.folderId" class="form-control" api-field>
+                        <option ng-repeat="folder in folders | orderBy: folderSort" value="{{folder.id}}">{{folder.name}}</option>
+                    </select>
+                </div>
+            </div>
+        </div>
+        <div class="row">
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <label for="username">Username</label>
+                    <div class="input-group">
+                        <input type="text" id="username" name="Username" ng-model="site.username" class="form-control" api-field />
+                        <span class="input-group-btn" uib-tooltip="Copy Username" tooltip-placement="left">
+                            <button tabindex="-1" class="btn btn-default btn-flat" type="button" ngclipboard
+                                    ngclipboard-error="clipboardError(e)"
+                                    data-clipboard-target="#username">
+                                <i class="fa fa-clipboard"></i>
+                            </button>
+                        </span>
+                    </div>
+                </div>
+            </div>
+            <div class="col-md-6">
+                <div class="form-group" show-errors>
+                    <div class="pull-right password-options">
+                        <i class="fa fa-lg fa-refresh" uib-tooltip="Generate Password" tooltip-placement="left" ng-click="generatePassword()"></i>
+                        <i class="fa fa-lg fa-eye" uib-tooltip="Toggle Password" tooltip-placement="left" password-viewer="#password"></i>
+                    </div>
+                    <label for="password">Password</label>
+                    <div class="input-group">
+                        <input type="text" id="password-text" value="{{site.password}}" style="margin-left: -9999px;" />
+                        <input type="password" id="password" name="Password" ng-model="site.password" class="form-control" api-field />
+                        <span class="input-group-btn" uib-tooltip="Copy Password" tooltip-placement="left">
+                            <button tabindex="-1" class="btn btn-default btn-flat" type="button" ngclipboard
+                                    ngclipboard-success="clipboardSuccess(e)"
+                                    ngclipboard-error="clipboardError(e, true)"
+                                    data-clipboard-target="#password-text">
+                                <i class="fa fa-clipboard"></i>
+                            </button>
+                        </span>
+                    </div>
+                </div>
+                <div style="margin: -10px 0 15px 0;" password-meter="site.password" password-meter-username="site.username" outer-class="xs"></div>
+            </div>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="notes">Notes</label>
+            <textarea id="notes" name="Notes" class="form-control" ng-model="site.notes" api-field></textarea>
+        </div>
+        <div class="checkbox">
+            <label>
+                <input type="checkbox" ng-model="site.favorite" name="Favorite" />
+                Favorite
+            </label>
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="editSiteForm.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="editSiteForm.$loading"></i>Save
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+        <button type="button" class="btn btn-link pull-right" ng-click="delete()" uib-tooltip="Delete">
+            <i class="fa fa-trash fa-lg"></i>
+        </button>
+    </div>
+</form>

src/Web/wwwroot/app/views/backendLayout.html

@@ -0,0 +1,175 @@
+<div class="wrapper toast-target">
+    <header class="main-header" ng-controller="topNavController as topNav">
+        <a ui-sref="backend.vault" class="logo">
+            <span class="logo-mini"><i class="fa fa-shield"></i></span>
+            <span class="logo-lg"><i class="fa fa-shield"></i> <b>bit</b>warden</span>
+        </a>
+        <nav class="navbar navbar-static-top" role="navigation">
+            <a class="sidebar-toggle" data-toggle="offcanvas" role="button">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </a>
+            <div class="navbar-custom-menu">
+                <ul class="nav navbar-nav">
+                    <li><a ui-sref="frontend.logout">Log Out</a></li>
+                </ul>
+            </div>
+        </nav>
+    </header>
+
+    <aside class="main-sidebar" ng-controller="sideNavController as sideNav">
+        <section class="sidebar">
+            <div class="user-panel">
+                <div class="pull-left image">
+                    <img src="//www.gravatar.com/avatar/{{ main.userProfile.email | gravatar }}.jpg?s=45&d=mm"
+                         class="img-circle" alt="User Image">
+                </div>
+                <div class="pull-left info">
+                    <p>{{main.userProfile.extended && main.userProfile.extended.name ? main.userProfile.extended.name : main.userProfile.email}}</p>
+                    <a ui-sref="frontend.logout">Log Out</a>
+                </div>
+            </div>
+            <form class="sidebar-form">
+                <label for="search" class="sr-only">Search</label>
+                <div class="form-group has-feedback">
+                    <input type="text" id="search" class="form-control" placeholder="Search vault..."
+                           ng-focus="searchVault()" ng-model="main.searchVaultText" />
+                    <span class="fa fa-search form-control-feedback" aria-hidden="true"></span>
+                </div>
+            </form>
+            <ul class="sidebar-menu">
+                <li class="header">WEB VAULT</li>
+                <li class="treeview" ng-class="{active: $state.includes('backend.vault')}">
+                    <a ui-sref="backend.vault"><i class="fa fa-lock"></i> <span>My Vault</span></a>
+                    <ul class="treeview-menu menu-open">
+                        <li>
+                            <a href="javascript:void(0)" ng-click="addSite()">
+                                <i class="fa fa-plus"></i> New Site
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="addFolder()">
+                                <i class="fa fa-folder"></i> New Folder
+                            </a>
+                        </li>
+                    </ul>
+                </li>
+                <li class="treeview" ng-class="{active: $state.includes('backend.settings')}">
+                    <a ui-sref="backend.settings"><i class="fa fa-cogs"></i> <span>Settings</span></a>
+                    <ul class="treeview-menu">
+                        <li>
+                            <a href="javascript:void(0)" ng-click="changePassword()">
+                                <i class="fa fa-circle-o"></i> Change Password
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="changeEmail()">
+                                <i class="fa fa-circle-o"></i> Change Email
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="sessions()">
+                                <i class="fa fa-circle-o"></i> Deauthorize Sessions
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="twoFactor()">
+                                <i class="fa fa-circle-o"></i> Two-step Login
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="delete()">
+                                <i class="fa fa-circle-o"></i> Delete Account
+                            </a>
+                        </li>
+                    </ul>
+                </li>
+                <li class="treeview" ng-class="{active: $state.includes('backend.tools')}">
+                    <a ui-sref="backend.tools"><i class="fa fa-wrench"></i> <span>Tools</span></a>
+                    <ul class="treeview-menu">
+                        <li>
+                            <a href="javascript:void(0)" ng-click="import()">
+                                <i class="fa fa-circle-o"></i> Import
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="export()">
+                                <i class="fa fa-circle-o"></i> Export
+                            </a>
+                        </li>
+                        <li>
+                            <a href="javascript:void(0)" ng-click="audits()">
+                                <i class="fa fa-circle-o"></i> Audits
+                            </a>
+                        </li>
+                    </ul>
+                </li>
+                <li>
+                    <a href="https://help.bitwarden.com/" target="_blank"
+                       analytics-on="click" analytics-event="Clicked Get Help">
+                        <i class="fa fa-info-circle"></i> <span>Get Help</span>
+                    </a>
+                </li>
+                <li class="header">
+                    <small class="label pull-right bg-green">FREE</small>
+                    MOBILE APPS
+                </li>
+                <li>
+                    <a href="https://itunes.apple.com/us/app/bitwarden-free-password-manager/id1137397744?mt=8"
+                       target="_blank" analytics-on="click" analytics-event="Clicked iOS">
+                        <i class="fa fa-apple"></i> <span>iOS</span>
+                    </a>
+                </li>
+                <li>
+                    <a href="https://play.google.com/store/apps/details?id=com.x8bit.bitwarden"
+                       target="_blank" analytics-on="click" analytics-event="Clicked Android">
+                        <i class="fa fa-android"></i> <span>Android</span>
+                    </a>
+                </li>
+                <li class="header">
+                    <small class="label pull-right bg-green">FREE</small>
+                    BROWSER EXTENSIONS
+                </li>
+                <li>
+                    <a href="https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb"
+                       target="_blank" analytics-on="click" analytics-event="Clicked Chrome">
+                        <i class="fa fa-chrome"></i> <span>Chrome</span>
+                    </a>
+                </li>
+                <li>
+                    <a href="javascript:void(0)"
+                       target="_blank" analytics-on="click" analytics-event="Clicked Firefox">
+                        <small class="label pull-right bg-gray">coming very soon</small>
+                        <i class="fa fa-firefox"></i> <span>Firefox</span>
+                    </a>
+                </li>
+                <li>
+                    <a href="javascript:void(0)"
+                       target="_blank" analytics-on="click" analytics-event="Clicked Opera">
+                        <small class="label pull-right bg-gray">coming very soon</small>
+                        <i class="fa fa-opera"></i> <span>Opera</span>
+                    </a>
+                </li>
+                <li>
+                    <a href="javascript:void(0)"
+                       target="_blank" analytics-on="click" analytics-event="Clicked Edge">
+                        <small class="label pull-right bg-gray">coming soon</small>
+                        <i class="fa fa-edge"></i> <span>Edge</span>
+                    </a>
+                </li>
+            </ul>
+        </section>
+    </aside>
+
+    <div class="content-wrapper" ui-view>
+    </div>
+
+    <footer class="main-footer">
+        <div class="pull-right hidden-xs">
+            <b>Version</b> {{main.version}}
+        </div>
+        <strong>Copyright &copy; <span ng-bind="currentYear"></span></strong>, bitwarden.com
+    </footer>
+</div>

src/Web/wwwroot/app/views/frontendLayout.html

@@ -0,0 +1,2 @@
+<div class="toast-target" ui-view>
+</div>

src/Web/wwwroot/index.html

@@ -0,0 +1,136 @@
+<!DOCTYPE html>
+<html ng-app="bit">
+<head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
+    <base href="/" />
+
+    <title page-title>bitwarden.com Password Manager</title>
+
+    <!-- @if true !>
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
+    <meta name="x-stylesheet-test-bs" content="" class="invisible" />
+    <script>!function(a,b,c){var d,e=document,f=e.getElementsByTagName('SCRIPT'),g=f[f.length-1].previousElementSibling,h=e.defaultView&&e.defaultView.getComputedStyle?e.defaultView.getComputedStyle(g):g.currentStyle;if(h&&h[a]!==b)for(d=0;d<c.length;d++)e.write('<link rel="stylesheet" href="'+c[d]+'"/>')}('visibility','hidden',['lib\/bootstrap\/css\/bootstrap.min.css?v=<!-- @echo cacheTag !>']);</script>
+
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css" />
+    <meta name="x-stylesheet-test-fa" content="" class="fa" />
+    <script>!function(a,b,c){var d,e=document,f=e.getElementsByTagName('SCRIPT'),g=f[f.length-1].previousElementSibling,h=e.defaultView&&e.defaultView.getComputedStyle?e.defaultView.getComputedStyle(g):g.currentStyle;if(h&&h[a]!==b)for(d=0;d<c.length;d++)e.write('<link rel="stylesheet" href="'+c[d]+'"/>')}('font-family','FontAwesome',['lib\/font-awesome\/css\/font-awesome.min.css?v=<!-- @echo cacheTag !>']);</script>
+
+    <link rel="stylesheet" href="css/vault.min.css?v=<!-- @echo cacheTag !>" />
+    <!-- @endif -->
+    <!-- @exclude -->
+    <link rel="stylesheet" href="lib/bootstrap/css/bootstrap.css" />
+    <link rel="stylesheet" href="lib/font-awesome/css/font-awesome.css" />
+
+    <link rel="stylesheet" href="css/vault.css" />
+    <!-- @endexclude -->
+</head>
+<body ng-controller="mainController as main" class="layout-boxed skin-blue sidebar-mini {{main.bodyClass}}">
+    <div ui-view></div>
+
+    <!-- @if true !>
+    <script src="//ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
+    <script>(window.jQuery||document.write('<script src="lib\/jquery\/jquery.min.js?v=<!-- @echo cacheTag !>"><\/script>'));</script>
+
+    <script src="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+    <script>((window.jQuery&&window.jQuery.fn&&window.jQuery.fn.modal)||document.write('<script src="lib\/bootstrap\/js\/bootstrap.min.js?v=<!-- @echo cacheTag !>"><\/script>'));</script>
+
+    <script src="//ajax.googleapis.com/ajax/libs/angularjs/1.5.6/angular.min.js"></script>
+    <script>(window.angular||document.write('<script src="lib\/angular\/angular.min.js?v=<!-- @echo cacheTag !>"><\/script>'));</script>
+
+    <script src="js/lib.min.js?v=<!-- @echo cacheTag !>"></script>
+    <script src="js/app.min.js?v=<!-- @echo cacheTag !>"></script>
+
+    <script>
+        (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
+        (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
+        m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
+        })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
+
+        ga('create', 'UA-81915606-3', 'auto');
+    </script>
+    <!-- @endif -->
+    <!-- @exclude -->
+    <script src="lib/jquery/jquery.js"></script>
+    <script src="lib/bootstrap/js/bootstrap.js"></script>
+    <script src="lib/admin-lte/js/app.js"></script>
+
+    <script src="lib/sjcl/sjcl.js"></script>
+    <script src="lib/sjcl/cbc.js"></script>
+    <script src="lib/sjcl/bitArray.js"></script>
+
+    <script src="lib/papaparse/papaparse.js"></script>
+    <script src="lib/clipboard/clipboard.js"></script>
+
+    <script src="lib/angular/angular.js"></script>
+    <script src="lib/angular-cookies/angular-cookies.js"></script>
+    <script src="lib/angular-messages/angular-messages.js"></script>
+    <script src="lib/angular-jwt/angular-jwt.js"></script>
+    <script src="lib/angular-resource/angular-resource.js"></script>
+    <script src="lib/angular-ui-router/angular-ui-router.js"></script>
+    <script src="lib/angular-bootstrap/angular-bootstrap-tpls.js"></script>
+    <script src="lib/angular-md5/angular-md5.js"></script>
+    <script src="lib/angular-toastr/angular-toastr.tpls.js"></script>
+    <script src="lib/angular-bootstrap-show-errors/showErrors.js"></script>
+    <script src="lib/ngstorage/ngStorage.js"></script>
+    <script src="lib/ngclipboard/ngclipboard.js"></script>
+    <script src="lib/angulartics/angulartics.js"></script>
+    <script src="lib/angulartics/angulartics-ga.js"></script>
+
+    <script src="app/app.js"></script>
+    <script src="app/settings.js"></script>
+    <script src="app/config.js"></script>
+    <script src="app/apiInterceptor.js"></script>
+
+    <script src="app/directives/directivesModule.js"></script>
+    <script src="app/directives/pageTitleDirective.js"></script>
+    <script src="app/directives/apiFormDirective.js"></script>
+    <script src="app/directives/apiFieldDirective.js"></script>
+    <script src="app/directives/masterPasswordDirective.js"></script>
+    <script src="app/directives/passwordMeterDirective.js"></script>
+    <script src="app/directives/passwordViewerDirective.js"></script>
+
+    <script src="app/services/servicesModule.js"></script>
+    <script src="app/services/tokenService.js"></script>
+    <script src="app/services/apiService.js"></script>
+    <script src="app/services/authService.js"></script>
+    <script src="app/services/cryptoService.js"></script>
+    <script src="app/services/cipherService.js"></script>
+    <script src="app/services/validationService.js"></script>
+    <script src="app/services/passwordService.js"></script>
+    <script src="app/services/importService.js"></script>
+
+    <script src="app/global/globalModule.js"></script>
+    <script src="app/global/mainController.js"></script>
+    <script src="app/global/topNavController.js"></script>
+    <script src="app/global/sideNavController.js"></script>
+
+    <script src="app/accounts/accountsModule.js"></script>
+    <script src="app/accounts/accountsLoginController.js"></script>
+    <script src="app/accounts/accountsLogoutController.js"></script>
+    <script src="app/accounts/accountsRegisterController.js"></script>
+    <script src="app/accounts/accountsPasswordHintController.js"></script>
+
+    <script src="app/vault/vaultModule.js"></script>
+    <script src="app/vault/vaultController.js"></script>
+    <script src="app/vault/vaultEditSiteController.js"></script>
+    <script src="app/vault/vaultAddSiteController.js"></script>
+    <script src="app/vault/vaultEditFolderController.js"></script>
+    <script src="app/vault/vaultAddFolderController.js"></script>
+
+    <script src="app/settings/settingsModule.js"></script>
+    <script src="app/settings/settingsController.js"></script>
+    <script src="app/settings/settingsChangePasswordController.js"></script>
+    <script src="app/settings/settingsChangeEmailController.js"></script>
+    <script src="app/settings/settingsTwoFactorController.js"></script>
+    <script src="app/settings/settingsSessionsController.js"></script>
+    <script src="app/settings/settingsDeleteController.js"></script>
+
+    <script src="app/tools/toolsModule.js"></script>
+    <script src="app/tools/toolsController.js"></script>
+    <script src="app/tools/toolsImportController.js"></script>
+    <script src="app/tools/toolsExportController.js"></script>
+    <script src="app/tools/toolsAuditsController.js"></script>
+    <!-- @endexclude -->
+</body>
+</html>