org invite exp hours configurable

2024-11-22 12:15:36 +01:00 · 2019-06-11 16:44:59 -04:00 · 2019-06-11 16:44:59 -04:00 · 6ab2f4ff87
commit 6ab2f4ff87
parent da4918b4aa
3 changed files with 28 additions and 25 deletions
--- a/src/Core/GlobalSettings.cs
+++ b/src/Core/GlobalSettings.cs
@ -16,6 +16,7 @@ namespace Bit.Core
        public virtual string HibpBreachApiKey { get; set; }
        public virtual bool DisableUserRegistration { get; set; }
        public virtual bool DisableEmailNewDevice { get; set; }
+        public virtual int OrganizationInviteExpirationHours { get; set; } = 120; // 5 days
        public virtual InstallationSettings Installation { get; set; } = new InstallationSettings();
        public virtual BaseServiceUriSettings BaseServiceUri { get; set; } = new BaseServiceUriSettings();
        public virtual SqlSettings SqlServer { get; set; } = new SqlSettings();
--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@ -954,7 +954,7 @@ namespace Bit.Core.Services
                throw new BadRequestException("You are already part of this organization.");
            }

-            if(!CoreHelpers.UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id))
+            if(!UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id))
            {
                throw new BadRequestException("Invalid token.");
            }
@ -1411,5 +1411,31 @@ namespace Bit.Core.Services
                    $"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
            }
        }
+
+
+
+        public bool UserInviteTokenIsValid(IDataProtector protector, string token, string userEmail, Guid orgUserId)
+        {
+            var invalid = true;
+            try
+            {
+                var unprotectedData = protector.Unprotect(token);
+                var dataParts = unprotectedData.Split(' ');
+                if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
+                    new Guid(dataParts[1]) == orgUserId &&
+                    dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
+                {
+                    var creationTime = CoreHelpers.FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
+                    var expTime = creationTime.AddHours(_globalSettings.OrganizationInviteExpirationHours);
+                    invalid = expTime < DateTime.UtcNow;
+                }
+            }
+            catch
+            {
+                invalid = true;
+            }
+
+            return !invalid;
+        }
    }
 }
--- a/src/Core/Utilities/CoreHelpers.cs
+++ b/src/Core/Utilities/CoreHelpers.cs
@ -472,30 +472,6 @@ namespace Bit.Core.Utilities
            return new Uri(string.Format("{0}?{1}", baseUri, queryCollection), uriKind);
        }

-        public static bool UserInviteTokenIsValid(IDataProtector protector, string token,
-            string userEmail, Guid orgUserId)
-        {
-            var invalid = true;
-            try
-            {
-                var unprotectedData = protector.Unprotect(token);
-                var dataParts = unprotectedData.Split(' ');
-                if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
-                    new Guid(dataParts[1]) == orgUserId &&
-                    dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
-                {
-                    var creationTime = FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
-                    invalid = creationTime.AddDays(5) < DateTime.UtcNow;
-                }
-            }
-            catch
-            {
-                invalid = true;
-            }
-
-            return !invalid;
-        }
-
        public static string CustomProviderName(TwoFactorProviderType type)
        {
            return string.Concat("Custom_", type.ToString());