bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-21 18:53:41 +00:00
Code Issues Releases Wiki Activity

fix(2fa): [PM-22323] Do not show 2FA warning for 2FA setup and login emails

Browse Source 
* Added configuration to not display 2FA setup instruction

* Refactored to new service.

* Linting.

* Dependency injection

* Changed to scoped to have access to ICurrentContext.

* Inverted logic for EmailTotpAction

* Fixed tests.

* Fixed tests.

* More tests.

* Fixed tests.

* Linting.

* Added tests at controller level.

* Linting

* Fixed error in test.

* Review updates.

* Accidentally deleted imports.
This commit is contained in:
Todd Martin
2025-07-07 10:56:59 -04:00
committed by GitHub
parent 240968ef4c
commit 79ad1dbda0
18 changed files with 491 additions and 288 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/Core/Services/IUserService.cs
View File

@@ -21,21 +21,6 @@ public interface IUserService
Task<IdentityResult> CreateUserAsync(User user);
Task<IdentityResult> CreateUserAsync(User user, string masterPasswordHash);
Task SendMasterPasswordHintAsync(string email);
/// <summary>
/// Used for both email two factor and email two factor setup.
/// </summary>
/// <param name="user">user requesting the action</param>
/// <param name="authentication">this controls if what verbiage is shown in the email</param>
/// <returns>void</returns>
Task SendTwoFactorEmailAsync(User user, bool authentication = true);
/// <summary>
/// Calls the same email implementation but instead it sends the token to the account email not the
/// email set up for two-factor, since in practice they can be different.
/// </summary>
/// <param name="user">user attepting to login with a new device</param>
/// <returns>void</returns>
Task SendNewDeviceVerificationEmailAsync(User user);
Task<bool> VerifyTwoFactorEmailAsync(User user, string token);
Task<CredentialCreateOptions> StartWebAuthnRegistrationAsync(User user);
Task<bool> DeleteWebAuthnKeyAsync(User user, int id);
Task<bool> CompleteWebAuthRegistrationAsync(User user, int value, string name, AuthenticatorAttestationRawResponse attestationResponse);
@@ -87,7 +72,6 @@ public interface IUserService
Task SendOTPAsync(User user);
Task<bool> VerifyOTPAsync(User user, string token);
Task<bool> VerifySecretAsync(User user, string secret, bool isSettingMFA = false);
Task ResendNewDeviceVerificationEmail(string email, string secret);
/// <summary>
/// We use this method to check if the user has an active new device verification bypass
/// </summary>