EC-198 Added feature flag for 2FA Email for new device login (#1993)

* EC-198 added global setting flag for 2FA email on new device login feature * EC-198 Removed is development environment check on 2FA email new device login given that we can now rely on the global settings feature flag * EC-198 Improved IGlobalSettings and UserService code for testing
2025-07-01 16:12:49 -05:00 · 2022-05-13 10:48:48 -03:00
parent bbb55ef8de
commit 2e2d3075d1
5 changed files with 28 additions and 21 deletions
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -17,9 +17,7 @@ using Bit.Core.Utilities;
 using Fido2NetLib;
 using Fido2NetLib.Objects;
 using Microsoft.AspNetCore.DataProtection;
-using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Identity;
-using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using File = System.IO.File;
@ -50,11 +48,10 @@ namespace Bit.Core.Services
        private readonly IReferenceEventService _referenceEventService;
        private readonly IFido2 _fido2;
        private readonly ICurrentContext _currentContext;
-        private readonly GlobalSettings _globalSettings;
+        private readonly IGlobalSettings _globalSettings;
        private readonly IOrganizationService _organizationService;
        private readonly IProviderUserRepository _providerUserRepository;
        private readonly IDeviceRepository _deviceRepository;
-        private readonly IWebHostEnvironment _environment;

        public UserService(
            IUserRepository userRepository,
@ -81,11 +78,10 @@ namespace Bit.Core.Services
            IReferenceEventService referenceEventService,
            IFido2 fido2,
            ICurrentContext currentContext,
-            GlobalSettings globalSettings,
+            IGlobalSettings globalSettings,
            IOrganizationService organizationService,
            IProviderUserRepository providerUserRepository,
-            IDeviceRepository deviceRepository,
-            IWebHostEnvironment environment)
+            IDeviceRepository deviceRepository)
            : base(
                  store,
                  optionsAccessor,
@ -121,7 +117,6 @@ namespace Bit.Core.Services
            _organizationService = organizationService;
            _providerUserRepository = providerUserRepository;
            _deviceRepository = deviceRepository;
-            _environment = environment;
        }

        public Guid? GetProperUserId(ClaimsPrincipal principal)
@ -1422,9 +1417,9 @@ namespace Bit.Core.Services

        public async Task<bool> Needs2FABecauseNewDeviceAsync(User user, string deviceIdentifier, string grantType)
        {
-            return user.EmailVerified
+            return _globalSettings.TwoFactorAuth.EmailOnNewDeviceLogin
+                   && user.EmailVerified
                   && grantType != "authorization_code"
-                   && !_environment.IsDevelopment()
                   && await IsNewDeviceAndNotTheFirstOneAsync(user, deviceIdentifier);
        }