mirror of https://github.com/bitwarden/server synced 2025-12-18 01:03:17 +00:00

Feature/sync Enable hcaptcha on login (#1469)

* Share globalSettings hcaptcha public key with clients

* Require captcha valid only prior to two factor

Users with two factor will have already solved captcha if necessary.
Users without two factor will have `TwoFactorVerified` set to false

* Do not require CaptchaResponse on two-factor requests

* Add option to always require captcha for testing purposes

* Allow for self-hosted instances if they want to use it

* Move refresh suggestion to correct error

* Expect lifetime in helper method

* Add captcha bypass token to successful captcha validations

* Remove twofactorValidated

* PR Feedback
Matt Gibson
2021-07-21 13:42:06 -05:00
committed by GitHub
parent 259bf8d760
commit 8e1e2fa2fe
9 changed files with 67 additions and 15 deletions


@@ -88,7 +88,8 @@ namespace Bit.CommCore.Services
throw new BadRequestException("Provider is already setup.");
}
if (!CoreHelpers.TokenIsValid("ProviderSetupInvite", _dataProtector, token, owner.Email, provider.Id, _globalSettings))
if (!CoreHelpers.TokenIsValid("ProviderSetupInvite", _dataProtector, token, owner.Email, provider.Id,
_globalSettings.OrganizationInviteExpirationHours))
{
throw new BadRequestException("Invalid token.");
}
@@ -196,7 +197,8 @@ namespace Bit.CommCore.Services
throw new BadRequestException("Already accepted.");
}
if (!CoreHelpers.TokenIsValid("ProviderUserInvite", _dataProtector, token, user.Email, providerUser.Id, _globalSettings))
if (!CoreHelpers.TokenIsValid("ProviderUserInvite", _dataProtector, token, user.Email, providerUser.Id,
_globalSettings.OrganizationInviteExpirationHours))
{
throw new BadRequestException("Invalid token.");
}
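Review bot: Both `TokenIsValid` calls in this file ("ProviderSetupInvite" in the first hunk, "ProviderUserInvite" in the second) now take their lifetime from `_globalSettings.OrganizationInviteExpirationHours`, so provider invite tokens silently inherit the organization invite expiry and nothing at the call site says this is intended. A short comment above each check would record the decision, for example `// Provider invite tokens deliberately share the organization invite lifetime (hours).`, or a dedicated provider setting could be introduced if the two lifetimes should be tunable separately. Because the helper now receives a bare number instead of the settings object, it is also worth confirming how it treats a zero or negative value on a self-hosted instance; the helper body is not visible here, so whether such a value rejects every token or effectively disables expiry cannot be told from this page. Both enclosing methods start and end outside the hunks.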