nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-06 03:00:36 -05:00
Code

Skip policy check if two-step login is enabled for the user

Browse Source
This commit is contained in:
Rui Tome 2025-05-26 11:22:18 +01:00
parent 265dd37ca0
commit eeb0b0768f
No known key found for this signature in database
GPG Key ID: 526239D96A8EC066
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Core/AdminConsole/OrganizationFeatures/OrganizationUsers/AcceptOrgUserCommand.cs
View File

@ -235,10 +235,16 @@ public class AcceptOrgUserCommand : IAcceptOrgUserCommand
{ {
if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements)) if (_featureService.IsEnabled(FeatureFlagKeys.PolicyRequirements))
{ {
if (await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user))
{
// If the user has two-step login enabled, we skip checking the 2FA policy
return;
}
var twoFactorPolicyRequirement = await _policyRequirementQuery.GetAsync<RequireTwoFactorPolicyRequirement>(user.Id); var twoFactorPolicyRequirement = await _policyRequirementQuery.GetAsync<RequireTwoFactorPolicyRequirement>(user.Id);
var twoFactorRequiredForOrganization = twoFactorPolicyRequirement.IsTwoFactorRequiredForOrganization(organizationId); var twoFactorRequiredForOrganization = twoFactorPolicyRequirement.IsTwoFactorRequiredForOrganization(organizationId);
if (twoFactorRequiredForOrganization && !await _twoFactorIsEnabledQuery.TwoFactorIsEnabledAsync(user)) if (twoFactorRequiredForOrganization)
{ {
throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account."); throw new BadRequestException("You cannot join this organization until you enable two-step login on your user account.");
} }