verify master password on reset password enrollment

This commit is contained in:
Kyle Spearrin
2021-11-05 14:01:20 -04:00
parent 68e20fe649
commit 87f1991e76
2 changed files with 20 additions and 3 deletions


@@ -267,10 +267,23 @@ namespace Bit.Api.Controllers
}
[HttpPut("{userId}/reset-password-enrollment")]
public async Task PutResetPasswordEnrollment(string orgId, string userId, [FromBody]OrganizationUserResetPasswordEnrollmentRequestModel model)
public async Task PutResetPasswordEnrollment(string orgId, string userId,
[FromBody]OrganizationUserResetPasswordEnrollmentRequestModel model)
{
var callingUserId = _userService.GetProperUserId(User);
await _organizationService.UpdateUserResetPasswordEnrollmentAsync(new Guid(orgId), new Guid(userId), model.ResetPasswordKey, callingUserId);
var user = await _userService.GetUserByPrincipalAsync(User);
if(user == null)
{
throw new UnauthorizedAccessException();
}
if(!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
await _organizationService.UpdateUserResetPasswordEnrollmentAsync(new Guid(orgId),
new Guid(userId), model.ResetPasswordKey, user.Id);
}
[HttpPut("{id}/reset-password")]
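Review bot: The two `new Guid(...)` calls on the last added lines still parse the raw `orgId`/`userId` route strings without validation, so a malformed id throws `FormatException` (a 500) only after the password check has already run; consider `Guid.TryParse` up front or typing the route parameters as `Guid` so bad input is rejected as a 400 before any work is done (pre-existing, but the commit rewrites these lines). The `await Task.Delay(2000)` on a failed `CheckPasswordAsync` reads as a brute-force throttle and deserves a why-comment, e.g. `// Slow down repeated guesses against the master password hash.`, since it otherwise looks like a stray sleep. Whether `UpdateUserResetPasswordEnrollmentAsync` confirms that the route `userId` matches `user.Id` is not visible here; presumably it does, but it is worth confirming because the enrollment key is now accepted on the strength of the caller's own password.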


@@ -80,6 +80,10 @@ namespace Bit.Core.Models.Api
public class OrganizationUserResetPasswordEnrollmentRequestModel
{
[Required]
[StringLength(300)]
public string MasterPasswordHash { get; set; }
public string ResetPasswordKey { get; set; }
}
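Review bot: The new `[Required]` on `MasterPasswordHash` only rejects a missing value if this controller runs automatic model validation (e.g. via `[ApiController]` or a validation filter); if it does not, a null hash reaches `CheckPasswordAsync` in the controller hunk, so that path is worth confirming. `ResetPasswordKey` still carries no validation attribute while its new sibling does; if it is also required for enrollment, `[Required]` there would keep the model consistent. The class is shown in full here.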