[PM-6794] block legacy users from authN (#4088)

* block legacy users from authN * undo change to GetDeviceFromRequest * lint * add feature flag * format * add web vault url to error message * fix test * format
2025-07-02 00:22:50 -05:00 · 2024-06-03 09:19:56 -04:00
parent 21a02054af
commit b072fc56b1
6 changed files with 107 additions and 0 deletions
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -1304,6 +1304,28 @@ public class UserService : UserManager<User>, IUserService, IDisposable
        return IdentityResult.Success;
    }

+    public async Task<bool> IsLegacyUser(string userId)
+    {
+        if (string.IsNullOrWhiteSpace(userId))
+        {
+            return false;
+        }
+
+        var user = await FindByIdAsync(userId);
+        if (user == null)
+        {
+            return false;
+        }
+
+        return IsLegacyUser(user);
+    }
+
+    /// <inheritdoc cref="IsLegacyUser(string)"/>
+    public static bool IsLegacyUser(User user)
+    {
+        return user.Key == null && user.MasterPassword != null && user.PrivateKey != null;
+    }
+
    private async Task<IdentityResult> ValidatePasswordInternal(User user, string password)
    {
        var errors = new List<IdentityError>();