bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-12-10 00:42:07 -06:00
Code Issues Packages Projects Releases 211 Wiki Activity

chore(feature-flag): [PM-18179] Remove pm-17128-recovery-code-login feature flag

Browse Source 
* Rmoved feature flag and obsolete endpoint

* Removed obsolete method.
This commit is contained in:
Todd Martin 2025-09-02 11:18:36 -04:00 committed by GitHub
parent 101e29b354
commit cb1db262ca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 0 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/Api/Auth/Controllers/TwoFactorController.cs
View File

@ -409,21 +409,6 @@ public class TwoFactorController : Controller
return response;
}
/// <summary>
/// To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.
/// </summary>
[Obsolete("Two Factor recovery is handled in the TwoFactorAuthenticationValidator.")]
[HttpPost("recover")]
[AllowAnonymous]
public async Task PostRecover([FromBody] TwoFactorRecoveryRequestModel model)
{
if (!await _userService.RecoverTwoFactorAsync(model.Email, model.MasterPasswordHash, model.RecoveryCode))
{
await Task.Delay(2000);
throw new BadRequestException(string.Empty, "Invalid information. Try again.");
}
}
[Obsolete("Leaving this for backwards compatibility on clients")]
[HttpGet("get-device-verification-settings")]
public Task<DeviceVerificationResponseModel> GetDeviceVerificationSettings()

1
src/Core/Constants.cs
View File

@ -121,7 +121,6 @@ public static class FeatureFlagKeys
public const string BrowserExtensionLoginApproval = "pm-14938-browser-extension-login-approvals";
public const string SetInitialPasswordRefactor = "pm-16117-set-initial-password-refactor";
public const string ChangeExistingPasswordRefactor = "pm-16117-change-existing-password-refactor";
public const string RecoveryCodeLogin = "pm-17128-recovery-code-login";
public const string Otp6Digits = "pm-18612-otp-6-digits";
public const string FailedTwoFactorEmail = "pm-24425-send-2fa-failed-email";

3
src/Core/Services/IUserService.cs
View File

@ -90,9 +90,6 @@ public interface IUserService
void SetTwoFactorProvider(User user, TwoFactorProviderType type, bool setEnabled = true);
[Obsolete("To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.")]
Task<bool> RecoverTwoFactorAsync(string email, string masterPassword, string recoveryCode);
/// <summary>
/// This method is used by the TwoFactorAuthenticationValidator to recover two
/// factor for a user. This allows users to be logged in after a successful recovery

33
src/Core/Services/Implementations/UserService.cs
View File

@ -865,39 +865,6 @@ public class UserService : UserManager<User>, IUserService
}
}
/// <summary>
/// To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.
/// </summary>
[Obsolete("Two Factor recovery is handled in the TwoFactorAuthenticationValidator.")]
public async Task<bool> RecoverTwoFactorAsync(string email, string secret, string recoveryCode)
{
var user = await _userRepository.GetByEmailAsync(email);
if (user == null)
{
// No user exists. Do we want to send an email telling them this in the future?
return false;
}
if (!await VerifySecretAsync(user, secret))
{
return false;
}
if (!CoreHelpers.FixedTimeEquals(user.TwoFactorRecoveryCode, recoveryCode))
{
return false;
}
user.TwoFactorProviders = null;
user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
await SaveUserAsync(user);
await _mailService.SendRecoverTwoFactorEmail(user.Email, DateTime.UtcNow, _currentContext.IpAddress);
await _eventService.LogUserEventAsync(user.Id, EventType.User_Recovered2fa);
await CheckPoliciesOnTwoFactorRemovalAsync(user);
return true;
}
public async Task<bool> RecoverTwoFactorAsync(User user, string recoveryCode)
{
if (!CoreHelpers.FixedTimeEquals(