From b4c9133d124a951fb773b7ec9dbde8280057d397 Mon Sep 17 00:00:00 2001
From: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Date: Tue, 8 Jul 2025 13:59:44 -0400
Subject: [PATCH] feat(otp): Revert [PM-18612] Consolidate all email OTP to use
6 digits
This reverts commit 737f549f8297709b9de487bf9b289e2584dd2329.
---
.../Identity/TokenProviders/EmailTokenProvider.cs | 5 +----
.../TokenProviders/EmailTwoFactorTokenProvider.cs | 11 +++++------
2 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs b/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
index 9481710390..be94124c03 100644
--- a/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
+++ b/src/Core/Auth/Identity/TokenProviders/EmailTokenProvider.cs
@@ -7,9 +7,6 @@ using Microsoft.Extensions.DependencyInjection;
namespace Bit.Core.Auth.Identity.TokenProviders;
-///
-/// Generates and validates tokens for email OTPs.
-///
public class EmailTokenProvider : IUserTwoFactorTokenProvider
{
private const string CacheKeyFormat = "EmailToken_{0}_{1}_{2}";
@@ -28,7 +25,7 @@ public class EmailTokenProvider : IUserTwoFactorTokenProvider
};
}
- public int TokenLength { get; protected set; } = 6;
+ public int TokenLength { get; protected set; } = 8;
public bool TokenAlpha { get; protected set; } = false;
public bool TokenNumeric { get; protected set; } = true;
diff --git a/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs b/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
index 49a000a2bf..c4b4c1d2ca 100644
--- a/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
+++ b/src/Core/Auth/Identity/TokenProviders/EmailTwoFactorTokenProvider.cs
@@ -10,18 +10,17 @@ using Microsoft.Extensions.DependencyInjection;
namespace Bit.Core.Auth.Identity.TokenProviders;
-///
-/// Generates tokens for email two-factor authentication.
-/// It inherits from the EmailTokenProvider class, which manages the persistence and validation of tokens,
-/// and adds additional validation to ensure that 2FA is enabled for the user.
-///
public class EmailTwoFactorTokenProvider : EmailTokenProvider
{
public EmailTwoFactorTokenProvider(
[FromKeyedServices("persistent")]
IDistributedCache distributedCache) :
base(distributedCache)
- { }
+ {
+ TokenAlpha = false;
+ TokenNumeric = true;
+ TokenLength = 6;
+ }
public override Task CanGenerateTwoFactorTokenAsync(UserManager manager, User user)
{