remove deprecated jwt bearer authentication method

2025-07-04 01:22:50 -05:00 · 2017-06-06 23:19:42 -04:00
parent 811bbbfe0a
commit d8c0994ed3
16 changed files with 29 additions and 624 deletions
--- a/src/Api/Controllers/AuthController.cs
+++ b/src/Api/Controllers/AuthController.cs
@ -1,11 +1,7 @@
 using System;
-using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc;
-using Bit.Core.Identity;
-using Bit.Core.Models.Api;
 using Microsoft.AspNetCore.Authorization;
 using Bit.Core.Exceptions;
-using Bit.Core.Services;

 namespace Bit.Api.Controllers
 {
@ -13,54 +9,12 @@ namespace Bit.Api.Controllers
    [Route("auth")]
    public class AuthController : Controller
    {
-        private readonly JwtBearerSignInManager _signInManager;
-        private readonly IUserService _userService;
-
-        public AuthController(
-            JwtBearerSignInManager signInManager,
-            IUserService userService)
-        {
-            _signInManager = signInManager;
-            _userService = userService;
-        }
-
        [HttpPost("token")]
        [AllowAnonymous]
-        public async Task<AuthTokenResponseModel> PostToken([FromBody]AuthTokenRequestModel model)
+        public IActionResult PostToken()
        {
-            var result = await _signInManager.PasswordSignInAsync(model.Email.ToLower(), model.MasterPasswordHash, 
-                model.Device?.ToDevice());
-            if(result == JwtBearerSignInResult.Success)
-            {
-                return new AuthTokenResponseModel(result.Token, result.User);
-            }
-            else if(result == JwtBearerSignInResult.TwoFactorRequired)
-            {
-                return new AuthTokenResponseModel(result.Token, null);
-            }
-
-            await Task.Delay(2000);
-            throw new BadRequestException("Username or password is incorrect. Try again.");
-        }
-
-        [HttpPost("token/two-factor")]
-        [Authorize("TwoFactor")]
-        public async Task<AuthTokenResponseModel> PostTokenTwoFactor([FromBody]AuthTokenTwoFactorRequestModel model)
-        {
-            var user = await _userService.GetUserByPrincipalAsync(User);
-            if(user == null)
-            {
-                throw new UnauthorizedAccessException();
-            }
-
-            var result = await _signInManager.TwoFactorSignInAsync(user, model.Provider, model.Code, model.Device?.ToDevice());
-            if(result == JwtBearerSignInResult.Success)
-            {
-                return new AuthTokenResponseModel(result.Token, result.User);
-            }
-
-            await Task.Delay(2000);
-            throw new BadRequestException("Code is not correct. Try again.");
+            throw new BadRequestException("You are using an outdated version of bitwarden that is no longer supported. " +
+                "Please update your app first and try again.");
        }
    }
 }