From d190c4bd0fd7bbbab39f7cde2fbb4981d98c896a Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Mon, 17 Aug 2020 10:40:35 -0400
Subject: [PATCH] Update APIs to collect other set password info (#870)
---
 src/Api/Controllers/AccountsController.cs | 4 ++--
 .../Accounts/SetPasswordRequestModel.cs | 24 +++++++++++++++++--
 .../Services/Implementations/UserService.cs | 4 ++--
 3 files changed, 26 insertions(+), 6 deletions(-)
diff --git a/src/Api/Controllers/AccountsController.cs b/src/Api/Controllers/AccountsController.cs
index e122c49e5d..36c63e9cba 100644
--- a/src/Api/Controllers/AccountsController.cs
+++ b/src/Api/Controllers/AccountsController.cs
@@ -197,7 +197,7 @@ namespace Bit.Api.Controllers
 }
 [HttpPost("set-password")]
- public async Task SetPasswordAsync([FromBody]SetPasswordRequestModel model)
+ public async Task PostSetPasswordAsync([FromBody]SetPasswordRequestModel model)
 {
 var user = await _userService.GetUserByPrincipalAsync(User);
 if (user == null)
@@ -205,7 +205,7 @@ namespace Bit.Api.Controllers
 throw new UnauthorizedAccessException();
 }
- var result = await _userService.SetPasswordAsync(user, model.NewMasterPasswordHash, model.Key);
+ var result = await _userService.SetPasswordAsync(model.ToUser(user), model.MasterPasswordHash, model.Key);
 if (result.Succeeded)
 {
 return;
diff --git a/src/Core/Models/Api/Request/Accounts/SetPasswordRequestModel.cs b/src/Core/Models/Api/Request/Accounts/SetPasswordRequestModel.cs
index 88e60d74bf..98c77ebe9e 100644
--- a/src/Core/Models/Api/Request/Accounts/SetPasswordRequestModel.cs
+++ b/src/Core/Models/Api/Request/Accounts/SetPasswordRequestModel.cs
@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations;
+using Bit.Core.Enums;
+using Bit.Core.Models.Table;
 namespace Bit.Core.Models.Api.Request.Accounts
 {
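Review bot: `model.ToUser(user)` in the second AccountsController.cs hunk overwrites the loaded `user` (hint, KDF type and iterations, key, key pair) while the call's arguments are being evaluated, i.e. before `SetPasswordAsync` has run the null and already-has-password checks visible in the UserService.cs hunks. If the service returns a failed result, the entity is left carrying client-supplied KDF and key values; whether anything later persists it is not visible here and should be confirmed. It would be safer for the service to apply these fields only after its checks pass, or at minimum to record the contract at the call site, e.g. `// ToUser mutates 'user' in place; it must not be saved unless SetPasswordAsync succeeds`. The action body continues outside the hunk.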
@@ -6,8 +8,26 @@ namespace Bit.Core.Models.Api.Request.Accounts
 {
 [Required]
 [StringLength(300)]
- public string NewMasterPasswordHash { get; set; }
+ public string MasterPasswordHash { get; set; }
 [Required]
 public string Key { get; set; }
+ [StringLength(50)]
+ public string MasterPasswordHint { get; set; }
+ [Required]
+ public KeysRequestModel Keys { get; set; }
+ [Required]
+ public KdfType Kdf { get; set; }
+ [Required]
+ public int KdfIterations { get; set; }
+
+ public User ToUser(User existingUser)
+ {
+ existingUser.MasterPasswordHint = MasterPasswordHint;
+ existingUser.Kdf = Kdf;
+ existingUser.KdfIterations = KdfIterations;
+ existingUser.Key = Key;
+ Keys.ToUser(existingUser);
+ return existingUser;
+ }
 }
 }
diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs
index 21844ccd19..4b16349bc5 100644
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@@ -579,7 +579,7 @@ namespace Bit.Core.Services
 return IdentityResult.Failed(_identityErrorDescriber.PasswordMismatch());
 }
- public async Task SetPasswordAsync(User user, string newMasterPassword, string key)
+ public async Task SetPasswordAsync(User user, string masterPassword, string key)
 {
 if (user == null)
 {
@@ -592,7 +592,7 @@ namespace Bit.Core.Services
 return IdentityResult.Failed(_identityErrorDescriber.UserAlreadyHasPassword());
 }
- var result = await UpdatePasswordHash(user, newMasterPassword);
+ var result = await UpdatePasswordHash(user, masterPassword);
 if (!result.Succeeded)
 {
 return result;
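Review bot: `[Required]` on `Kdf` and `KdfIterations` in the second SetPasswordRequestModel.cs hunk cannot reject a missing value, because both are non-nullable value types and simply take their default (0) when the field is absent from the JSON body. Nothing in the hunk bounds the iteration count or checks that `Kdf` is a defined enum member, and `ToUser` copies both straight onto the user. Since these fields describe how the master key is derived, a zero or very low count would become the account's KDF setting unless a later layer rejects it, which is not visible here. Suggest `[Range(MIN_KDF_ITERATIONS, MAX_KDF_ITERATIONS)]` on `KdfIterations` (placeholder names; take the bounds from the project's KDF policy) and `[EnumDataType(typeof(KdfType))]` on `Kdf`. `Key` also carries no `[StringLength]`, unlike `MasterPasswordHash` and `MasterPasswordHint`.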