Password re-prompt (#1269)

* Add support for password re-prompt
2025-06-30 23:52:50 -05:00 · 2021-04-29 15:43:44 +02:00
parent 17db94190e
commit 2054e5a926
11 changed files with 229 additions and 6 deletions
--- a/src/Core/Enums/CipherRepromptType.cs
+++ b/src/Core/Enums/CipherRepromptType.cs
@ -0,0 +1,8 @@
+namespace Bit.Core.Enums
+{
+    public enum CipherRepromptType : byte
+    {
+        None = 0,
+        Password = 1,
+    }
+}
--- a/src/Core/Enums/EventType.cs
+++ b/src/Core/Enums/EventType.cs
@ -28,6 +28,7 @@
        Cipher_ClientAutofilled = 1114,
        Cipher_SoftDeleted = 1115,
        Cipher_Restored = 1116,
+        Cipher_ClientToggledCardNumberVisible = 1117,

        Collection_Created = 1300,
        Collection_Updated = 1301,
--- a/src/Core/Models/Api/Request/CipherRequestModel.cs
+++ b/src/Core/Models/Api/Request/CipherRequestModel.cs
@ -20,6 +20,7 @@ namespace Bit.Core.Models.Api
        public string OrganizationId { get; set; }
        public string FolderId { get; set; }
        public bool Favorite { get; set; }
+        public CipherRepromptType Reprompt { get; set; }
        [Required]
        [EncryptedString]
        [EncryptedStringLength(1000)]
@ -59,6 +60,7 @@ namespace Bit.Core.Models.Api
        {
            existingCipher.FolderId = string.IsNullOrWhiteSpace(FolderId) ? null : (Guid?)new Guid(FolderId);
            existingCipher.Favorite = Favorite;
+            existingCipher.Reprompt = Reprompt;
            ToCipher(existingCipher);
            return existingCipher;
        }
--- a/src/Core/Models/Api/Response/CipherResponseModel.cs
+++ b/src/Core/Models/Api/Response/CipherResponseModel.cs
@ -6,6 +6,7 @@ using System.Linq;
 using Newtonsoft.Json;
 using Bit.Core.Models.Data;
 using Bit.Core.Settings;
+using Bit.Core.Enums;

 namespace Bit.Core.Models.Api
 {
@ -91,12 +92,14 @@ namespace Bit.Core.Models.Api
            Favorite = cipher.Favorite;
            Edit = cipher.Edit;
            ViewPassword = cipher.ViewPassword;
+            Reprompt = cipher.Reprompt.GetValueOrDefault(CipherRepromptType.None);
        }

        public string FolderId { get; set; }
        public bool Favorite { get; set; }
        public bool Edit { get; set; }
        public bool ViewPassword { get; set; }
+        public CipherRepromptType Reprompt { get; set; }
    }

    public class CipherDetailsResponseModel : CipherResponseModel
--- a/src/Core/Models/Table/Cipher.cs
+++ b/src/Core/Models/Table/Cipher.cs
@ -21,6 +21,7 @@ namespace Bit.Core.Models.Table
        public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
        public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
        public DateTime? DeletedDate { get; internal set; }
+        public Enums.CipherRepromptType? Reprompt { get; set; }

        public void SetNewId()
        {
--- a/src/Sql/dbo/Functions/CipherDetails.sql
+++ b/src/Sql/dbo/Functions/CipherDetails.sql
@ -25,6 +25,7 @@ SELECT
        THEN NULL
        ELSE TRY_CONVERT(UNIQUEIDENTIFIER, JSON_VALUE(C.[Folders], CONCAT('$."', @UserId, '"')))
    END [FolderId],
-    C.[DeletedDate]
+    C.[DeletedDate],
+    C.[Reprompt]
 FROM
    [dbo].[Cipher] C
--- a/Procedures/CipherDetails_Create.sql
+++ b/Procedures/CipherDetails_Create.sql
@ -14,7 +14,8 @@
    @Edit BIT, -- not used
    @ViewPassword BIT, -- not used
    @OrganizationUseTotp BIT, -- not used
-    @DeletedDate DATETIME2(7)
+    @DeletedDate DATETIME2(7),
+    @Reprompt TINYINT
 AS
 BEGIN
    SET NOCOUNT ON
@ -33,7 +34,8 @@ BEGIN
        [Folders],
        [CreationDate],
        [RevisionDate],
-        [DeletedDate]
+        [DeletedDate],
+        [Reprompt]
    )
    VALUES
    (
@ -46,7 +48,8 @@ BEGIN
        CASE WHEN @FolderId IS NOT NULL THEN CONCAT('{', @UserIdKey, ':"', @FolderId, '"', '}') ELSE NULL END,
        @CreationDate,
        @RevisionDate,
-        @DeletedDate
+        @DeletedDate,
+        @Reprompt
    )

    IF @OrganizationId IS NOT NULL
--- a/Procedures/CipherDetails_Update.sql
+++ b/Procedures/CipherDetails_Update.sql
@ -14,7 +14,8 @@
    @Edit BIT, -- not used
    @ViewPassword BIT, -- not used
    @OrganizationUseTotp BIT, -- not used
-    @DeletedDate DATETIME2(2)
+    @DeletedDate DATETIME2(2),
+    @Reprompt TINYINT
 AS
 BEGIN
    SET NOCOUNT ON
@ -47,6 +48,7 @@ BEGIN
            ELSE
                JSON_MODIFY([Favorites], @UserIdPath, NULL)
            END,
+        [Reprompt] = @Reprompt,
        [CreationDate] = @CreationDate,
        [RevisionDate] = @RevisionDate,
        [DeletedDate] = @DeletedDate
--- a/src/Sql/dbo/Tables/Cipher.sql
+++ b/src/Sql/dbo/Tables/Cipher.sql
@ -1,4 +1,5 @@
-CREATE TABLE [dbo].[Cipher] (
+
+CREATE TABLE [dbo].[Cipher] (
    [Id]             UNIQUEIDENTIFIER NOT NULL,
    [UserId]         UNIQUEIDENTIFIER NULL,
    [OrganizationId] UNIQUEIDENTIFIER NULL,
@ -10,6 +11,7 @@
    [CreationDate]   DATETIME2 (7)    NOT NULL,
    [RevisionDate]   DATETIME2 (7)    NOT NULL,
    [DeletedDate]    DATETIME2 (7)    NULL,
+    [Reprompt]       TINYINT          NULL,
    CONSTRAINT [PK_Cipher] PRIMARY KEY CLUSTERED ([Id] ASC),
    CONSTRAINT [FK_Cipher_Organization] FOREIGN KEY ([OrganizationId]) REFERENCES [dbo].[Organization] ([Id]),
    CONSTRAINT [FK_Cipher_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id])