Email verification for new devices (#1931)

* PS-56 Added Email 2FA on login with new devices that don't have any 2FA enabled * PS-56 Fixed wrong argument in VerifyTwoFactor call
2025-07-11 04:43:44 -05:00 · 2022-04-01 17:08:47 -03:00
parent ff23bb87c8
commit 6f60d24f5a
10 changed files with 251 additions and 23 deletions
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -346,7 +346,7 @@ namespace Bit.Core.Services
            await _mailService.SendMasterPasswordHintEmailAsync(email, user.MasterPasswordHint);
        }

-        public async Task SendTwoFactorEmailAsync(User user)
+        public async Task SendTwoFactorEmailAsync(User user, bool isBecauseNewDeviceLogin = false)
        {
            var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Email);
            if (provider == null || provider.MetaData == null || !provider.MetaData.ContainsKey("Email"))
@ -357,7 +357,15 @@ namespace Bit.Core.Services
            var email = ((string)provider.MetaData["Email"]).ToLowerInvariant();
            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultEmailProvider,
                "2faEmail:" + email);
-            await _mailService.SendTwoFactorEmailAsync(email, token);
+
+            if (isBecauseNewDeviceLogin)
+            {
+                await _mailService.SendNewDeviceLoginTwoFactorEmailAsync(email, token);
+            }
+            else
+            {
+                await _mailService.SendTwoFactorEmailAsync(email, token);
+            }
        }

        public async Task<bool> VerifyTwoFactorEmailAsync(User user, string token)