nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 05:28:15 -05:00
Code

[SG-656] Send a captcha bypass token back from the register endpoint (#2278)

Browse Source 
* Send a captcha bypass token back from the register endpoint

* [review] Use existing user

* [review] Introduce ICaptcheProtectedResponseModel
This commit is contained in:
Addison Beck 2022-09-15 10:02:37 -04:00 committed by GitHub
parent 735ad264f1
commit 287dc2e06b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/Identity/Controllers/AccountsController.cs
View File

@ -6,6 +6,7 @@ using Bit.Core.Models.Data;
using Bit.Core.Repositories; using Bit.Core.Repositories;
using Bit.Core.Services; using Bit.Core.Services;
using Bit.Core.Utilities; using Bit.Core.Utilities;
using Bit.Identity.Models;
using Bit.SharedWeb.Utilities; using Bit.SharedWeb.Utilities;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
@ -18,27 +19,32 @@ public class AccountsController : Controller
private readonly ILogger<AccountsController> _logger; private readonly ILogger<AccountsController> _logger;
private readonly IUserRepository _userRepository; private readonly IUserRepository _userRepository;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly ICaptchaValidationService _captchaValidationService;
public AccountsController( public AccountsController(
ILogger<AccountsController> logger, ILogger<AccountsController> logger,
IUserRepository userRepository, IUserRepository userRepository,
IUserService userService) IUserService userService,
ICaptchaValidationService captchaValidationService)
{ {
_logger = logger; _logger = logger;
_userRepository = userRepository; _userRepository = userRepository;
_userService = userService; _userService = userService;
_captchaValidationService = captchaValidationService;
} }
// Moved from API, If you modify this endpoint, please update API as well. // Moved from API, If you modify this endpoint, please update API as well.
[HttpPost("register")] [HttpPost("register")]
[CaptchaProtected] [CaptchaProtected]
public async Task PostRegister([FromBody] RegisterRequestModel model) public async Task<RegisterResponseModel> PostRegister([FromBody] RegisterRequestModel model)
{ {
var result = await _userService.RegisterUserAsync(model.ToUser(), model.MasterPasswordHash, var user = model.ToUser();
var result = await _userService.RegisterUserAsync(user, model.MasterPasswordHash,
model.Token, model.OrganizationUserId); model.Token, model.OrganizationUserId);
if (result.Succeeded) if (result.Succeeded)
{ {
return; var captchaBypassToken = _captchaValidationService.GenerateCaptchaBypassToken(user);
return new RegisterResponseModel(captchaBypassToken);
} }
foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName")) foreach (var error in result.Errors.Where(e => e.Code != "DuplicateUserName"))

4
src/Identity/Models/ICaptchaProtectedResponseModel.cs Normal file
View File

@ -0,0 +1,4 @@
public interface ICaptchaProtectedResponseModel
{
public string CaptchaBypassToken { get; set; }
}

14
src/Identity/Models/RegisterResponseModel.cs Normal file
View File

@ -0,0 +1,14 @@
using Bit.Core.Models.Api;
namespace Bit.Identity.Models;
public class RegisterResponseModel : ResponseModel, ICaptchaProtectedResponseModel
{
public RegisterResponseModel(string captchaBypassToken)
: base("register")
{
CaptchaBypassToken = captchaBypassToken;
}
public string CaptchaBypassToken { get; set; }
}

5
test/Identity.Test/Controllers/AccountsControllerTests.cs
View File

@ -20,16 +20,19 @@ public class AccountsControllerTests : IDisposable
private readonly ILogger<AccountsController> _logger; private readonly ILogger<AccountsController> _logger;
private readonly IUserRepository _userRepository; private readonly IUserRepository _userRepository;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly ICaptchaValidationService _captchaValidationService;
public AccountsControllerTests() public AccountsControllerTests()
{ {
_logger = Substitute.For<ILogger<AccountsController>>(); _logger = Substitute.For<ILogger<AccountsController>>();
_userRepository = Substitute.For<IUserRepository>(); _userRepository = Substitute.For<IUserRepository>();
_userService = Substitute.For<IUserService>(); _userService = Substitute.For<IUserService>();
_captchaValidationService = Substitute.For<ICaptchaValidationService>();
_sut = new AccountsController( _sut = new AccountsController(
_logger, _logger,
_userRepository, _userRepository,
_userService _userService,
_captchaValidationService
); );
} }