Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-02-16 01:51:21 +01:00
Code Issues Projects Releases Wiki Activity

org invite exp hours configurable

Browse Source
This commit is contained in:
Kyle Spearrin 2019-06-11 16:44:59 -04:00
parent da4918b4aa
commit 6ab2f4ff87
3 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Core/GlobalSettings.cs
View File

@ -16,6 +16,7 @@ namespace Bit.Core
public virtual string HibpBreachApiKey { get; set; } public virtual string HibpBreachApiKey { get; set; }
public virtual bool DisableUserRegistration { get; set; } public virtual bool DisableUserRegistration { get; set; }
public virtual bool DisableEmailNewDevice { get; set; } public virtual bool DisableEmailNewDevice { get; set; }
public virtual int OrganizationInviteExpirationHours { get; set; } = 120; // 5 days
public virtual InstallationSettings Installation { get; set; } = new InstallationSettings(); public virtual InstallationSettings Installation { get; set; } = new InstallationSettings();
public virtual BaseServiceUriSettings BaseServiceUri { get; set; } = new BaseServiceUriSettings(); public virtual BaseServiceUriSettings BaseServiceUri { get; set; } = new BaseServiceUriSettings();
public virtual SqlSettings SqlServer { get; set; } = new SqlSettings(); public virtual SqlSettings SqlServer { get; set; } = new SqlSettings();

28
src/Core/Services/Implementations/OrganizationService.cs
View File

@ -954,7 +954,7 @@ namespace Bit.Core.Services
throw new BadRequestException("You are already part of this organization."); throw new BadRequestException("You are already part of this organization.");
} }
if(!CoreHelpers.UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id)) if(!UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id))
{ {
throw new BadRequestException("Invalid token."); throw new BadRequestException("Invalid token.");
} }
@ -1411,5 +1411,31 @@ namespace Bit.Core.Services
$"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users."); $"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
} }
} }
public bool UserInviteTokenIsValid(IDataProtector protector, string token, string userEmail, Guid orgUserId)
{
var invalid = true;
try
{
var unprotectedData = protector.Unprotect(token);
var dataParts = unprotectedData.Split(' ');
if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
new Guid(dataParts[1]) == orgUserId &&
dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
{
var creationTime = CoreHelpers.FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
var expTime = creationTime.AddHours(_globalSettings.OrganizationInviteExpirationHours);
invalid = expTime < DateTime.UtcNow;
}
}
catch
{
invalid = true;
}
return !invalid;
}
} }
} }

24
src/Core/Utilities/CoreHelpers.cs
View File

@ -472,30 +472,6 @@ namespace Bit.Core.Utilities
return new Uri(string.Format("{0}?{1}", baseUri, queryCollection), uriKind); return new Uri(string.Format("{0}?{1}", baseUri, queryCollection), uriKind);
} }
public static bool UserInviteTokenIsValid(IDataProtector protector, string token,
string userEmail, Guid orgUserId)
{
var invalid = true;
try
{
var unprotectedData = protector.Unprotect(token);
var dataParts = unprotectedData.Split(' ');
if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
new Guid(dataParts[1]) == orgUserId &&
dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
{
var creationTime = FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
invalid = creationTime.AddDays(5) < DateTime.UtcNow;
}
}
catch
{
invalid = true;
}
return !invalid;
}
public static string CustomProviderName(TwoFactorProviderType type) public static string CustomProviderName(TwoFactorProviderType type)
{ {
return string.Concat("Custom_", type.ToString()); return string.Concat("Custom_", type.ToString());