From 2eaaecd95cc7b13cdade9b90be0e72b56594f652 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Mon, 19 Jun 2017 22:25:19 -0400 Subject: [PATCH] remove user twofactorenabled property --- src/Core/Identity/DuoTokenProvider.cs | 2 +- src/Core/Identity/UserStore.cs | 6 +---- src/Core/Models/Table/User.cs | 15 ++++++------ .../Services/Implementations/UserService.cs | 3 ++- src/Sql/dbo/Stored Procedures/User_Create.sql | 3 --- src/Sql/dbo/Stored Procedures/User_Update.sql | 2 -- src/Sql/dbo/Tables/User.sql | 1 - .../2017-06-07_00_UserTwoFactorCleanup.sql | 23 ------------------- .../2017-06-19_00_UserTwoFactorEnabled.sql | 13 +++++++++++ 9 files changed, 25 insertions(+), 43 deletions(-) delete mode 100644 util/SqlUpdate/2017-06-07_00_UserTwoFactorCleanup.sql create mode 100644 util/SqlUpdate/2017-06-19_00_UserTwoFactorEnabled.sql diff --git a/src/Core/Identity/DuoTokenProvider.cs b/src/Core/Identity/DuoTokenProvider.cs index 61839f4fe2..9847bc54d5 100644 --- a/src/Core/Identity/DuoTokenProvider.cs +++ b/src/Core/Identity/DuoTokenProvider.cs @@ -14,7 +14,7 @@ namespace Bit.Core.Identity { var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Duo); - var canGenerate = user.TwoFactorIsEnabled(TwoFactorProviderType.Duo) + var canGenerate = user.TwoFactorProviderIsEnabled(TwoFactorProviderType.Duo) && user.TwoFactorProvider.HasValue && user.TwoFactorProvider.Value == TwoFactorProviderType.Duo && !string.IsNullOrWhiteSpace(provider?.MetaData["UserId"]); diff --git a/src/Core/Identity/UserStore.cs b/src/Core/Identity/UserStore.cs index 154fe64222..7a53ef9237 100644 --- a/src/Core/Identity/UserStore.cs +++ b/src/Core/Identity/UserStore.cs @@ -1,13 +1,9 @@ using System; -using System.Collections.Generic; -using System.Linq; -using System.Security.Claims; using System.Threading; using System.Threading.Tasks; using Microsoft.AspNetCore.Identity; using Bit.Core.Models.Table; using Bit.Core.Repositories; -using Bit.Core.Services; namespace Bit.Core.Identity { @@ -162,7 +158,7 @@ namespace Bit.Core.Identity public Task SetTwoFactorEnabledAsync(User user, bool enabled, CancellationToken cancellationToken) { - user.TwoFactorEnabled = enabled; + // Do nothing... return Task.FromResult(0); } diff --git a/src/Core/Models/Table/User.cs b/src/Core/Models/Table/User.cs index ee8fd2f76f..644841f7f9 100644 --- a/src/Core/Models/Table/User.cs +++ b/src/Core/Models/Table/User.cs @@ -3,6 +3,7 @@ using Bit.Core.Enums; using Bit.Core.Utilities; using System.Collections.Generic; using Newtonsoft.Json; +using System.Linq; namespace Bit.Core.Models.Table { @@ -18,7 +19,6 @@ namespace Bit.Core.Models.Table public string MasterPasswordHint { get; set; } public string Culture { get; set; } = "en-US"; public string SecurityStamp { get; set; } - public bool TwoFactorEnabled { get; set; } public TwoFactorProviderType? TwoFactorProvider { get; set; } public string TwoFactorProviders { get; set; } public string TwoFactorRecoveryCode { get; set; } @@ -79,14 +79,15 @@ namespace Bit.Core.Models.Table return providers[provider].Enabled; } - public bool TwoFactorIsEnabled(TwoFactorProviderType provider) - { - return TwoFactorEnabled && TwoFactorProviderIsEnabled(provider); - } - public bool TwoFactorIsEnabled() { - return TwoFactorEnabled && TwoFactorProvider.HasValue && TwoFactorProviderIsEnabled(TwoFactorProvider.Value); + var providers = GetTwoFactorProviders(); + if(providers == null) + { + return false; + } + + return providers.Any(p => p.Value?.Enabled ?? false); } public TwoFactorProvider GetTwoFactorProvider(TwoFactorProviderType provider) diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs index 86145e6cae..bbe4ef01e7 100644 --- a/src/Core/Services/Implementations/UserService.cs +++ b/src/Core/Services/Implementations/UserService.cs @@ -415,7 +415,8 @@ namespace Bit.Core.Services return false; } - user.TwoFactorEnabled = false; + user.TwoFactorProviders = null; + user.TwoFactorProvider = null; user.TwoFactorRecoveryCode = null; await SaveUserAsync(user); diff --git a/src/Sql/dbo/Stored Procedures/User_Create.sql b/src/Sql/dbo/Stored Procedures/User_Create.sql index 60aff77b34..735850f659 100644 --- a/src/Sql/dbo/Stored Procedures/User_Create.sql +++ b/src/Sql/dbo/Stored Procedures/User_Create.sql @@ -7,7 +7,6 @@ @MasterPasswordHint NVARCHAR(50), @Culture NVARCHAR(10), @SecurityStamp NVARCHAR(50), - @TwoFactorEnabled BIT, @TwoFactorProvider TINYINT, @TwoFactorProviders NVARCHAR(MAX), @TwoFactorRecoveryCode NVARCHAR(32), @@ -33,7 +32,6 @@ BEGIN [MasterPasswordHint], [Culture], [SecurityStamp], - [TwoFactorEnabled], [TwoFactorProvider], [TwoFactorProviders], [TwoFactorRecoveryCode], @@ -56,7 +54,6 @@ BEGIN @MasterPasswordHint, @Culture, @SecurityStamp, - @TwoFactorEnabled, @TwoFactorProvider, @TwoFactorProviders, @TwoFactorRecoveryCode, diff --git a/src/Sql/dbo/Stored Procedures/User_Update.sql b/src/Sql/dbo/Stored Procedures/User_Update.sql index 574cfa497f..4702bb8bb4 100644 --- a/src/Sql/dbo/Stored Procedures/User_Update.sql +++ b/src/Sql/dbo/Stored Procedures/User_Update.sql @@ -7,7 +7,6 @@ @MasterPasswordHint NVARCHAR(50), @Culture NVARCHAR(10), @SecurityStamp NVARCHAR(50), - @TwoFactorEnabled BIT, @TwoFactorProvider TINYINT, @TwoFactorProviders NVARCHAR(MAX), @TwoFactorRecoveryCode NVARCHAR(32), @@ -33,7 +32,6 @@ BEGIN [MasterPasswordHint] = @MasterPasswordHint, [Culture] = @Culture, [SecurityStamp] = @SecurityStamp, - [TwoFactorEnabled] = @TwoFactorEnabled, [TwoFactorProvider] = @TwoFactorProvider, [TwoFactorProviders] = @TwoFactorProviders, [TwoFactorRecoveryCode] = @TwoFactorRecoveryCode, diff --git a/src/Sql/dbo/Tables/User.sql b/src/Sql/dbo/Tables/User.sql index c0e7f58f2e..632d1cf889 100644 --- a/src/Sql/dbo/Tables/User.sql +++ b/src/Sql/dbo/Tables/User.sql @@ -7,7 +7,6 @@ [MasterPasswordHint] NVARCHAR (50) NULL, [Culture] NVARCHAR (10) NOT NULL, [SecurityStamp] NVARCHAR (50) NOT NULL, - [TwoFactorEnabled] BIT NOT NULL, [TwoFactorProvider] TINYINT NULL, [TwoFactorProviders] NVARCHAR (MAX) NULL, [TwoFactorRecoveryCode] NVARCHAR (32) NULL, diff --git a/util/SqlUpdate/2017-06-07_00_UserTwoFactorCleanup.sql b/util/SqlUpdate/2017-06-07_00_UserTwoFactorCleanup.sql deleted file mode 100644 index b408fb4fa5..0000000000 --- a/util/SqlUpdate/2017-06-07_00_UserTwoFactorCleanup.sql +++ /dev/null @@ -1,23 +0,0 @@ -alter table [user] add [TwoFactorProviders] NVARCHAR (MAX) NULL -go - -update [user] -set twofactorproviders = '{"0":{"Enabled":'+ (case when twofactorenabled = 1 then 'true' else 'false' end) +',"Remember":true,"MetaData":{"Key":"'+ authenticatorkey +'"}}}' -where twofactorprovider is not null and twofactorprovider = 0 -and authenticatorkey is not null -go - -alter table [user] drop column authenticatorkey -go - -drop view [userview] -go - -CREATE VIEW [dbo].[UserView] -AS -SELECT - * -FROM - [dbo].[User] -go - diff --git a/util/SqlUpdate/2017-06-19_00_UserTwoFactorEnabled.sql b/util/SqlUpdate/2017-06-19_00_UserTwoFactorEnabled.sql new file mode 100644 index 0000000000..db872c8b2b --- /dev/null +++ b/util/SqlUpdate/2017-06-19_00_UserTwoFactorEnabled.sql @@ -0,0 +1,13 @@ +alter table [user] drop column twofactorenabled +go + +drop view [dbo].[UserView] +go + +CREATE VIEW [dbo].[UserView] +AS +SELECT + * +FROM + [dbo].[User] +GO