nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-05-29 23:34:53 -05:00
Code

back to corehelpers

Browse Source
This commit is contained in:
Kyle Spearrin 2019-06-11 17:17:23 -04:00
parent 6ab2f4ff87
commit ad7c4b89c4
3 changed files with 27 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/Core/Services/Implementations/OrganizationService.cs
View File

@ -954,7 +954,7 @@ namespace Bit.Core.Services
throw new BadRequestException("You are already part of this organization."); throw new BadRequestException("You are already part of this organization.");
} }
if(!UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id)) if(!CoreHelpers.UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id, _globalSettings))
{ {
throw new BadRequestException("Invalid token."); throw new BadRequestException("Invalid token.");
} }
@ -1411,31 +1411,5 @@ namespace Bit.Core.Services
$"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users."); $"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
} }
} }
public bool UserInviteTokenIsValid(IDataProtector protector, string token, string userEmail, Guid orgUserId)
{
var invalid = true;
try
{
var unprotectedData = protector.Unprotect(token);
var dataParts = unprotectedData.Split(' ');
if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
new Guid(dataParts[1]) == orgUserId &&
dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
{
var creationTime = CoreHelpers.FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
var expTime = creationTime.AddHours(_globalSettings.OrganizationInviteExpirationHours);
invalid = expTime < DateTime.UtcNow;
}
}
catch
{
invalid = true;
}
return !invalid;
}
} }
} }

2
src/Core/Services/Implementations/UserService.cs
View File

@ -250,7 +250,7 @@ namespace Bit.Core.Services
if(_globalSettings.DisableUserRegistration && !string.IsNullOrWhiteSpace(token) && orgUserId.HasValue) if(_globalSettings.DisableUserRegistration && !string.IsNullOrWhiteSpace(token) && orgUserId.HasValue)
{ {
tokenValid = CoreHelpers.UserInviteTokenIsValid(_organizationServiceDataProtector, token, tokenValid = CoreHelpers.UserInviteTokenIsValid(_organizationServiceDataProtector, token,
user.Email, orgUserId.Value); user.Email, orgUserId.Value, _globalSettings);
} }
if(_globalSettings.DisableUserRegistration && !tokenValid) if(_globalSettings.DisableUserRegistration && !tokenValid)

25
src/Core/Utilities/CoreHelpers.cs
View File

@ -476,5 +476,30 @@ namespace Bit.Core.Utilities
{ {
return string.Concat("Custom_", type.ToString()); return string.Concat("Custom_", type.ToString());
} }
public static bool UserInviteTokenIsValid(IDataProtector protector, string token, string userEmail, Guid orgUserId,
GlobalSettings globalSettings)
{
var invalid = true;
try
{
var unprotectedData = protector.Unprotect(token);
var dataParts = unprotectedData.Split(' ');
if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
new Guid(dataParts[1]) == orgUserId &&
dataParts[2].Equals(userEmail, StringComparison.InvariantCultureIgnoreCase))
{
var creationTime = FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
var expTime = creationTime.AddHours(globalSettings.OrganizationInviteExpirationHours);
invalid = expTime < DateTime.UtcNow;
}
}
catch
{
invalid = true;
}
return !invalid;
}
} }
} }