passwordless sign in for admin

2025-12-30 23:23:37 +00:00 · 2018-03-21 14:26:49 -04:00
parent 1be7701da0
commit d35d8185ed
16 changed files with 333 additions and 77 deletions
--- a/src/Core/Identity/ReadOnlyDatabaseIdentityUserStore.cs
+++ b/src/Core/Identity/ReadOnlyDatabaseIdentityUserStore.cs
@@ -0,0 +1,37 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+using Bit.Core.Repositories;
+
+namespace Bit.Core.Identity
+{
+    public class ReadOnlyDatabaseIdentityUserStore : ReadOnlyIdentityUserStore
+    {
+        private readonly IUserRepository _userRepository;
+
+        public ReadOnlyDatabaseIdentityUserStore(IUserRepository userRepository)
+        {
+            _userRepository = userRepository;
+        }
+
+        public override async Task<IdentityUser> FindByEmailAsync(string normalizedEmail,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            var user = await _userRepository.GetByEmailAsync(normalizedEmail);
+            return user?.ToIdentityUser();
+        }
+
+        public override async Task<IdentityUser> FindByIdAsync(string userId,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            if(!Guid.TryParse(userId, out var userIdGuid))
+            {
+                return null;
+            }
+
+            var user = await _userRepository.GetByIdAsync(userIdGuid);
+            return user?.ToIdentityUser();
+        }
+    }
+}
--- a/src/Core/Identity/ReadOnlyEnvIdentityUserStore.cs
+++ b/src/Core/Identity/ReadOnlyEnvIdentityUserStore.cs
@@ -0,0 +1,53 @@
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Configuration;
+
+namespace Bit.Core.Identity
+{
+    public class ReadOnlyEnvIdentityUserStore : ReadOnlyIdentityUserStore
+    {
+        private readonly IConfiguration _configuration;
+
+        public ReadOnlyEnvIdentityUserStore(IConfiguration configuration)
+        {
+            _configuration = configuration;
+        }
+
+        public override Task<IdentityUser> FindByEmailAsync(string normalizedEmail,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            var usersCsv = _configuration["adminSettings:admins"];
+            if(string.IsNullOrWhiteSpace(usersCsv))
+            {
+                return Task.FromResult<IdentityUser>(null);
+            }
+
+            var users = usersCsv.ToLowerInvariant().Split(',');
+            var user = users.Where(a => a.Trim() == normalizedEmail).FirstOrDefault();
+            if(user == null || !user.Contains("@"))
+            {
+                return Task.FromResult<IdentityUser>(null);
+            }
+
+            user = user.Trim();
+            return Task.FromResult(new IdentityUser
+            {
+                Id = user,
+                Email = user,
+                NormalizedEmail = user,
+                EmailConfirmed = true,
+                UserName = user,
+                NormalizedUserName = user,
+                SecurityStamp = user
+            });
+        }
+
+        public override Task<IdentityUser> FindByIdAsync(string userId,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            return FindByEmailAsync(userId, cancellationToken);
+        }
+    }
+}
--- a/src/Core/Identity/ReadOnlyIdentityUserStore.cs
+++ b/src/Core/Identity/ReadOnlyIdentityUserStore.cs
@@ -2,22 +2,14 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
-using Bit.Core.Repositories;

 namespace Bit.Core.Identity
 {
-    public class ReadOnlyIdentityUserStore :
+    public abstract class ReadOnlyIdentityUserStore :
        IUserStore<IdentityUser>,
        IUserEmailStore<IdentityUser>,
        IUserSecurityStampStore<IdentityUser>
    {
-        private readonly IUserRepository _userRepository;
-
-        public ReadOnlyIdentityUserStore(IUserRepository userRepository)
-        {
-            _userRepository = userRepository;
-        }
-
        public void Dispose() { }

        public Task<IdentityResult> CreateAsync(IdentityUser user,
@@ -32,24 +24,11 @@ namespace Bit.Core.Identity
            throw new NotImplementedException();
        }

-        public async Task<IdentityUser> FindByEmailAsync(string normalizedEmail,
-            CancellationToken cancellationToken = default(CancellationToken))
-        {
-            var user = await _userRepository.GetByEmailAsync(normalizedEmail);
-            return user?.ToIdentityUser();
-        }
+        public abstract Task<IdentityUser> FindByEmailAsync(string normalizedEmail,
+            CancellationToken cancellationToken = default(CancellationToken));

-        public async Task<IdentityUser> FindByIdAsync(string userId,
-            CancellationToken cancellationToken = default(CancellationToken))
-        {
-            if(!Guid.TryParse(userId, out var userIdGuid))
-            {
-                return null;
-            }
-
-            var user = await _userRepository.GetByIdAsync(userIdGuid);
-            return user?.ToIdentityUser();
-        }
+        public abstract Task<IdentityUser> FindByIdAsync(string userId,
+            CancellationToken cancellationToken = default(CancellationToken));

        public async Task<IdentityUser> FindByNameAsync(string normalizedUserName,
            CancellationToken cancellationToken = default(CancellationToken))