[PM-24211]: 2FA Send Email Login validation should use AuthRequest.IsValidForAuthentication (#6695)

* fix(two-factor-controller) [PM-24211]: Update send email validation to use auth request's IsValidForAuthentication. * refactor(login-features) [PM-24211]: Remove Core.LoginFeatures as no longer used; AuthRequest.IsValidForAuthentication should be used for any applicable use cases. * feat(auth-request) [PM-24211]: Add tests for AuthRequest.IsValidForAuthentication. * fix(two-factor-controller) [PM-24211]: Branching logic should return on successful send. * chore(auth-request) [PM-24211]: Remove some old comments (solved-for). * fix(two-factor-controller) [PM-24211]: Update some comments (clarification/naming). * fix(two-factor-controller) [PM-24211]: Rephrase a comment (accuracy).
2025-12-31 15:43:16 +00:00 · 2025-12-09 09:30:06 -05:00
parent d26b5fa029
commit d1ae1fffd6
7 changed files with 232 additions and 57 deletions
--- a/src/Core/Auth/Entities/AuthRequest.cs
+++ b/src/Core/Auth/Entities/AuthRequest.cs
@@ -49,11 +49,9 @@ public class AuthRequest : ITableObject<Guid>

    public bool IsExpired()
    {
-        // TODO: PM-24252 - consider using TimeProvider for better mocking in tests
        return GetExpirationDate() < DateTime.UtcNow;
    }

-    // TODO: PM-24252 - this probably belongs in a service.
    public bool IsValidForAuthentication(Guid userId,
        string password)
    {
--- a/src/Core/Auth/LoginFeatures/LoginServiceCollectionExtensions.cs
+++ b/src/Core/Auth/LoginFeatures/LoginServiceCollectionExtensions.cs
@@ -1,14 +0,0 @@
-using Bit.Core.Auth.LoginFeatures.PasswordlessLogin;
-using Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
-using Microsoft.Extensions.DependencyInjection;
-
-namespace Bit.Core.Auth.LoginFeatures;
-
-public static class LoginServiceCollectionExtensions
-{
-    public static void AddLoginServices(this IServiceCollection services)
-    {
-        services.AddScoped<IVerifyAuthRequestCommand, VerifyAuthRequestCommand>();
-    }
-}
-
--- a/src/Core/Auth/LoginFeatures/PasswordlessLogin/Interfaces/IVerifyAuthRequest.cs
+++ b/src/Core/Auth/LoginFeatures/PasswordlessLogin/Interfaces/IVerifyAuthRequest.cs
@@ -1,6 +0,0 @@
-namespace Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
-
-public interface IVerifyAuthRequestCommand
-{
-    Task<bool> VerifyAuthRequestAsync(Guid authRequestId, string accessCode);
-}
--- a/src/Core/Auth/LoginFeatures/PasswordlessLogin/VerifyAuthRequest.cs
+++ b/src/Core/Auth/LoginFeatures/PasswordlessLogin/VerifyAuthRequest.cs
@@ -1,25 +0,0 @@
-using Bit.Core.Auth.LoginFeatures.PasswordlessLogin.Interfaces;
-using Bit.Core.Repositories;
-using Bit.Core.Utilities;
-
-namespace Bit.Core.Auth.LoginFeatures.PasswordlessLogin;
-
-public class VerifyAuthRequestCommand : IVerifyAuthRequestCommand
-{
-    private readonly IAuthRequestRepository _authRequestRepository;
-
-    public VerifyAuthRequestCommand(IAuthRequestRepository authRequestRepository)
-    {
-        _authRequestRepository = authRequestRepository;
-    }
-
-    public async Task<bool> VerifyAuthRequestAsync(Guid authRequestId, string accessCode)
-    {
-        var authRequest = await _authRequestRepository.GetByIdAsync(authRequestId);
-        if (authRequest == null || !CoreHelpers.FixedTimeEquals(authRequest.AccessCode, accessCode))
-        {
-            return false;
-        }
-        return true;
-    }
-}