chore(feature-flag): [PM-18179] Remove pm-17128-recovery-code-login feature flag

* Rmoved feature flag and obsolete endpoint

* Removed obsolete method.

src/Api/Auth/Controllers/TwoFactorController.cs

@@ -409,21 +409,6 @@ public class TwoFactorController : Controller
         return response;
     }
 
-    /// <summary>
-    /// To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.
-    /// </summary>
-    [Obsolete("Two Factor recovery is handled in the TwoFactorAuthenticationValidator.")]
-    [HttpPost("recover")]
-    [AllowAnonymous]
-    public async Task PostRecover([FromBody] TwoFactorRecoveryRequestModel model)
-    {
-        if (!await _userService.RecoverTwoFactorAsync(model.Email, model.MasterPasswordHash, model.RecoveryCode))
-        {
-            await Task.Delay(2000);
-            throw new BadRequestException(string.Empty, "Invalid information. Try again.");
-        }
-    }
-
     [Obsolete("Leaving this for backwards compatibility on clients")]
     [HttpGet("get-device-verification-settings")]
     public Task<DeviceVerificationResponseModel> GetDeviceVerificationSettings()

src/Core/Constants.cs

@@ -121,7 +121,6 @@ public static class FeatureFlagKeys
     public const string BrowserExtensionLoginApproval = "pm-14938-browser-extension-login-approvals";
     public const string SetInitialPasswordRefactor = "pm-16117-set-initial-password-refactor";
     public const string ChangeExistingPasswordRefactor = "pm-16117-change-existing-password-refactor";
-    public const string RecoveryCodeLogin = "pm-17128-recovery-code-login";
     public const string Otp6Digits = "pm-18612-otp-6-digits";
     public const string FailedTwoFactorEmail = "pm-24425-send-2fa-failed-email";
 

src/Core/Services/IUserService.cs

@@ -90,9 +90,6 @@ public interface IUserService
 
     void SetTwoFactorProvider(User user, TwoFactorProviderType type, bool setEnabled = true);
 
-    [Obsolete("To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.")]
-    Task<bool> RecoverTwoFactorAsync(string email, string masterPassword, string recoveryCode);
-
     /// <summary>
     /// This method is used by the TwoFactorAuthenticationValidator to recover two
     /// factor for a user. This allows users to be logged in after a successful recovery

src/Core/Services/Implementations/UserService.cs

@@ -865,39 +865,6 @@ public class UserService : UserManager<User>, IUserService
         }
     }
 
-    /// <summary>
-    /// To be removed when the feature flag pm-17128-recovery-code-login is removed PM-18175.
-    /// </summary>
-    [Obsolete("Two Factor recovery is handled in the TwoFactorAuthenticationValidator.")]
-    public async Task<bool> RecoverTwoFactorAsync(string email, string secret, string recoveryCode)
-    {
-        var user = await _userRepository.GetByEmailAsync(email);
-        if (user == null)
-        {
-            // No user exists. Do we want to send an email telling them this in the future?
-            return false;
-        }
-
-        if (!await VerifySecretAsync(user, secret))
-        {
-            return false;
-        }
-
-        if (!CoreHelpers.FixedTimeEquals(user.TwoFactorRecoveryCode, recoveryCode))
-        {
-            return false;
-        }
-
-        user.TwoFactorProviders = null;
-        user.TwoFactorRecoveryCode = CoreHelpers.SecureRandomString(32, upper: false, special: false);
-        await SaveUserAsync(user);
-        await _mailService.SendRecoverTwoFactorEmail(user.Email, DateTime.UtcNow, _currentContext.IpAddress);
-        await _eventService.LogUserEventAsync(user.Id, EventType.User_Recovered2fa);
-        await CheckPoliciesOnTwoFactorRemovalAsync(user);
-
-        return true;
-    }
-
     public async Task<bool> RecoverTwoFactorAsync(User user, string recoveryCode)
     {
         if (!CoreHelpers.FixedTimeEquals(