CheckPoliciesOnTwoFactorRemoval for 2fa recovery (#659)

2025-07-01 08:02:49 -05:00 · 2020-02-28 10:23:19 -05:00
parent ae893c72bd
commit 71d9ffdd9d
3 changed files with 30 additions and 21 deletions
--- a/src/Api/Controllers/TwoFactorController.cs
+++ b/src/Api/Controllers/TwoFactorController.cs
@ -359,7 +359,8 @@ namespace Bit.Api.Controllers
        [AllowAnonymous]
        public async Task PostRecover([FromBody]TwoFactorRecoveryRequestModel model)
        {
-            if(!await _userService.RecoverTwoFactorAsync(model.Email, model.MasterPasswordHash, model.RecoveryCode))
+            if(!await _userService.RecoverTwoFactorAsync(model.Email, model.MasterPasswordHash, model.RecoveryCode,
+                _organizationService))
            {
                await Task.Delay(2000);
                throw new BadRequestException(string.Empty, "Invalid information. Try again.");