Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-21 12:05:42 +01:00
Code Issues Projects Releases Wiki Activity

validate authenticator on set instead of get

Browse Source
This commit is contained in:
Jake Fink 2024-07-17 16:33:51 -04:00
parent 8fafea6056
commit 7bf2084531
No known key found for this signature in database
GPG Key ID: FD482F8453480035
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Auth/Controllers/TwoFactorController.cs
View File

@ -93,7 +93,7 @@ public class TwoFactorController : Controller
public async Task<TwoFactorAuthenticatorResponseModel> GetAuthenticator( public async Task<TwoFactorAuthenticatorResponseModel> GetAuthenticator(
[FromBody] SecretVerificationRequestModel model) [FromBody] SecretVerificationRequestModel model)
{ {
var user = await CheckAsync(model, false, false); var user = await CheckAsync(model, false);
var response = new TwoFactorAuthenticatorResponseModel(user); var response = new TwoFactorAuthenticatorResponseModel(user);
return response; return response;
} }
@ -103,7 +103,7 @@ public class TwoFactorController : Controller
public async Task<TwoFactorAuthenticatorResponseModel> PutAuthenticator( public async Task<TwoFactorAuthenticatorResponseModel> PutAuthenticator(
[FromBody] UpdateTwoFactorAuthenticatorRequestModel model) [FromBody] UpdateTwoFactorAuthenticatorRequestModel model)
{ {
var user = await CheckAsync(model, false); var user = await CheckAsync(model, false, false);
model.ToUser(user); model.ToUser(user);
if (!await _userManager.VerifyTwoFactorTokenAsync(user, if (!await _userManager.VerifyTwoFactorTokenAsync(user,