From 737f549f8297709b9de487bf9b289e2584dd2329 Mon Sep 17 00:00:00 2001
From: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Date: Mon, 7 Jul 2025 15:52:30 -0400
Subject: [PATCH] feat(otp): [PM-18612] Consolidate all email OTP to use 6
 digits

* Change email OTP to 6 digits

* Added comment on base class
---
 .../Identity/TokenProviders/EmailTokenProvider.cs     |  5 ++++-
 .../TokenProviders/EmailTwoFactorTokenProvider.cs     | 11 ++++++-----
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs b/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
index be94124c03..9481710390 100644
--- a/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
+++ b/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
@@ -7,6 +7,9 @@ using Microsoft.Extensions.DependencyInjection;
 
 namespace Bit.Core.Auth.Identity.TokenProviders;
 
+/// <summary>
+/// Generates and validates tokens for email OTPs.
+/// </summary>
 public class EmailTokenProvider : IUserTwoFactorTokenProvider<User>
 {
     private const string CacheKeyFormat = "EmailToken_{0}_{1}_{2}";
@@ -25,7 +28,7 @@ public class EmailTokenProvider : IUserTwoFactorTokenProvider<User>
         };
     }
 
-    public int TokenLength { get; protected set; } = 8;
+    public int TokenLength { get; protected set; } = 6;
     public bool TokenAlpha { get; protected set; } = false;
     public bool TokenNumeric { get; protected set; } = true;
 
diff --git a/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs b/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
index 2f8481cea2..3101974b94 100644
--- a/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
+++ b/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
@@ -7,17 +7,18 @@ using Microsoft.Extensions.DependencyInjection;
 
 namespace Bit.Core.Auth.Identity.TokenProviders;
 
+/// <summary>
+/// Generates tokens for email two-factor authentication.
+/// It inherits from the EmailTokenProvider class, which manages the persistence and validation of tokens, 
+/// and adds additional validation to ensure that 2FA is enabled for the user.
+/// </summary>
 public class EmailTwoFactorTokenProvider : EmailTokenProvider
 {
     public EmailTwoFactorTokenProvider(
         [FromKeyedServices("persistent")]
         IDistributedCache distributedCache) :
         base(distributedCache)
-    {
-        TokenAlpha = false;
-        TokenNumeric = true;
-        TokenLength = 6;
-    }
+    { }
 
     public override Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<User> manager, User user)
     {