mirror of https://github.com/bitwarden/server.git synced 2025-07-05 18:12:48 -05:00

Merge branch 'master' into feature/flexible-collections

Vincent Salucci
2023-09-13 11:04:59 -05:00


@ -147,30 +147,27 @@ public abstract class BaseRequestValidator<T> where T : class
var verified = await VerifyTwoFactor(user, twoFactorOrganization,
twoFactorProviderType, twoFactorToken);
var cacheKey = "TOTP_" + user.Email;
var cacheKey = "TOTP_" + user.Email + "_" + twoFactorToken;
var isOtpCached = Core.Utilities.DistributedCacheExtensions.TryGetValue(_distributedCache, cacheKey, out string _);
if (isOtpCached)
if (!verified || isBot || isOtpCached)
{
await BuildErrorResultAsync("Two-step token is invalid. Try again.", true, context, user);
return;
}
if ((!verified || isBot) && twoFactorProviderType != TwoFactorProviderType.Remember)
if (twoFactorProviderType != TwoFactorProviderType.Remember)
{
await UpdateFailedAuthDetailsAsync(user, true, !validatorContext.KnownDevice);
await BuildErrorResultAsync("Two-step token is invalid. Try again.", true, context, user);
return;
}
else if ((!verified || isBot) && twoFactorProviderType == TwoFactorProviderType.Remember)
else if (twoFactorProviderType == TwoFactorProviderType.Remember)
{
// Delay for brute force.
await Task.Delay(2000);
await BuildTwoFactorResultAsync(user, twoFactorOrganization, context);
}
return;
}
if (twoFactorProviderType != TwoFactorProviderType.Remember)
{
await Core.Utilities.DistributedCacheExtensions.SetAsync(_distributedCache, cacheKey, twoFactorToken, _cacheEntryOptions);
}
}
else
{
twoFactorRequest = false;
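Review bot: The cache key built by `var cacheKey = "TOTP_" + user.Email + "_" + twoFactorToken;` embeds the client-submitted token verbatim, and the `SetAsync` call near the end of the hunk runs for every provider type except `Remember`, so the key's length and content are set by the request and used tokens sit in the distributed cache in clear text (this reads the second line of each printed pair as the new side, since the +/- markers are lost on this page). Hashing the token before it enters the key bounds the length and keeps the token out of cache tooling and logs, for example `var cacheKey = "TOTP_" + user.Email + "_" + Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(twoFactorToken)));`, with a fixed marker stored as the value instead of `twoFactorToken`. The `TryGetValue` lookup and the later `SetAsync` are separate calls, so two concurrent requests carrying the same valid token can both pass the `isOtpCached` check; a comment saying the replay guard is best-effort, or an atomic set-if-absent if the cache backend offers one, would make that limit explicit. The enclosing method starts and ends outside the hunk, so whether `twoFactorToken` can be null at this point is not visible here.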