nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-07 02:52:50 -05:00
Code Activity

Add todos and stuff

Browse Source
This commit is contained in:
Jared Snider
2025-03-20 11:56:29 -04:00
parent 5a8bf4c890
commit 36c52a1e75
8 changed files with 62 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Api/Auth/Controllers/AccountsController.cs
View File

@ -209,14 +209,15 @@ public class AccountsController : Controller
throw new UnauthorizedAccessException();
}
Guid? sessionId = null;
// TODO: should this be feature flagged
Guid? opaqueSessionId = null;
if (model.OpaqueSessionId != null)
{
sessionId = Guid.Parse(model.OpaqueSessionId);
opaqueSessionId = Guid.Parse(model.OpaqueSessionId);
}
var result = await _userService.ChangePasswordAsync(user, model.MasterPasswordHash,
model.NewMasterPasswordHash, model.MasterPasswordHint, model.Key, sessionId);
model.NewMasterPasswordHash, model.MasterPasswordHint, model.Key, opaqueSessionId);
if (result.Succeeded)
{
return;

13
src/Api/Auth/Controllers/OpaqueKeyExchangeController.cs
View File

@ -1,15 +1,19 @@
using Bit.Api.Auth.Models.Request.Opaque;
using Bit.Api.Auth.Models.Response.Opaque;
using Bit.Core;
using Bit.Core.Auth.Models.Api.Request.Opaque;
using Bit.Core.Auth.Models.Api.Response.Opaque;
using Bit.Core.Auth.Services;
using Bit.Core.Services;
using Bit.Core.Utilities;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Auth.Controllers;
// TODO: move to identity
[Route("opaque")]
[RequireFeature(FeatureFlagKeys.OpaqueKeyExchange)]
public class OpaqueKeyExchangeController : Controller
{
private readonly IOpaqueKeyExchangeService _opaqueKeyExchangeService;
@ -24,7 +28,8 @@ public class OpaqueKeyExchangeController : Controller
_userService = userService;
}
[Authorize("Web")]
// TODO: investigate removing ~/opaque from all routes and using controller level route attribute
[Authorize("Application")]
[HttpPost("~/opaque/start-registration")]
public async Task<OpaqueRegistrationStartResponse> StartRegistrationAsync([FromBody] OpaqueRegistrationStartRequest request)
{
@ -34,7 +39,7 @@ public class OpaqueKeyExchangeController : Controller
}
[Authorize("Web")]
[Authorize("Application")]
[HttpPost("~/opaque/finish-registration")]
public async void FinishRegistrationAsync([FromBody] OpaqueRegistrationFinishRequest request)
{
@ -42,7 +47,7 @@ public class OpaqueKeyExchangeController : Controller
await _opaqueKeyExchangeService.FinishRegistration(request.SessionId, Convert.FromBase64String(request.RegistrationUpload), user, request.KeySet);
}
[Authorize("Web")]
[Authorize("Application")]
[HttpPost("~/opaque/set-registration-active")]
public async void SetRegistrationActive([FromBody] OpaqueSetRegistrationActiveRequest request)
{
@ -51,6 +56,7 @@ public class OpaqueKeyExchangeController : Controller
}
// TODO: Remove and move to token endpoint
[AllowAnonymous]
[HttpPost("~/opaque/start-login")]
public async Task<OpaqueLoginStartResponse> StartLoginAsync([FromBody] OpaqueLoginStartRequest request)
{
@ -59,6 +65,7 @@ public class OpaqueKeyExchangeController : Controller
}
// TODO: Remove and move to token endpoint
[AllowAnonymous]
[HttpPost("~/opaque/finish-login")]
public async Task<bool> FinishLoginAsync([FromBody] OpaqueLoginFinishRequest request)
{