nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

[SG-692] Block unknown devices from using passwordless auth (#2315)

Browse Source 
* Block unknown devices from initiating auth requests

* Rename anonymousHub route to anonymous-hub
This commit is contained in:
Addison Beck
2022-09-29 14:10:21 -04:00
committed by GitHub
parent 96fa8781f3
commit 53f6ec0a71
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controllers/AuthRequestsController.cs
View File

@ -89,9 +89,9 @@ public class AuthRequestsController : Controller
{
throw new BadRequestException("Device type not provided.");
}
if (!_globalSettings.PasswordlessAuth.KnownDevicesOnly)
if (_globalSettings.PasswordlessAuth.KnownDevicesOnly)
{
var d = await _deviceRepository.GetByIdentifierAsync(_currentContext.DeviceIdentifier);
var d = await _deviceRepository.GetByIdentifierAsync(model.DeviceIdentifier);
if (d == null || d.UserId != user.Id)
{
throw new NotFoundException();