Feature/sync Enable hcaptcha on login (#1469)

* Share globalSettings hcaptcha public key with clients * Require captcha valid only prior to two factor users with two factor will have already solved captcha is necessary. Users without two factor will have`TwoFactorVerified` set to false * Do not require CaptchaResponse on two-factor requests * Add option to always require captcha for testing purposes * Allow for self-hosted instances if they want to use it * Move refresh suggestion to correct error * Expect lifetime in helper method * Add captcha bypass token to successful captcha validations * Remove twofactorValidated * PR Feedback
2025-07-02 00:22:50 -05:00 · 2021-07-21 13:42:06 -05:00
parent 259bf8d760
commit 8e1e2fa2fe
9 changed files with 67 additions and 15 deletions
--- a/src/Core/Utilities/CoreHelpers.cs
+++ b/src/Core/Utilities/CoreHelpers.cs
@ -619,11 +619,12 @@ namespace Bit.Core.Utilities
        public static bool UserInviteTokenIsValid(IDataProtector protector, string token, string userEmail,
            Guid orgUserId, GlobalSettings globalSettings)
        {
-            return TokenIsValid("OrganizationUserInvite", protector, token, userEmail, orgUserId, globalSettings);
+            return TokenIsValid("OrganizationUserInvite", protector, token, userEmail, orgUserId,
+                globalSettings.OrganizationInviteExpirationHours);
        }

        public static bool TokenIsValid(string firstTokenPart, IDataProtector protector, string token, string userEmail,
-            Guid id, GlobalSettings globalSettings)
+            Guid id, double expirationInHours)
        {
            var invalid = true;
            try
@ -635,7 +636,7 @@ namespace Bit.Core.Utilities
                    dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
                {
                    var creationTime = FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
-                    var expTime = creationTime.AddHours(globalSettings.OrganizationInviteExpirationHours);
+                    var expTime = creationTime.AddHours(expirationInHours);
                    invalid = expTime < DateTime.UtcNow;
                }
            }
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@ -304,7 +304,7 @@ namespace Bit.Core.Utilities
                services.AddSingleton<IReferenceEventService, AzureQueueReferenceEventService>();
            }

-            if (!globalSettings.SelfHosted && CoreHelpers.SettingHasValue(globalSettings.Captcha?.HCaptchaSecretKey) &&
+            if (CoreHelpers.SettingHasValue(globalSettings.Captcha?.HCaptchaSecretKey) &&
                CoreHelpers.SettingHasValue(globalSettings.Captcha?.HCaptchaSiteKey))
            {
                services.AddSingleton<ICaptchaValidationService, HCaptchaValidationService>();