Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-13 00:03:33 +10:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce 2FA for email password SSO linked accounts (#1072)

Browse Source 
## Description

Fixed issue where accounts that were initially created via
email/password, then linked to an SSO account, can bypass the 2FA during
login if they use their email password.

## Testing Performed

Tested locally, and 2FA is now required for linked SSO accounts
This commit is contained in:
David Nguyen
2024-04-03 15:18:36 +08:00
committed by GitHub
parent 484f603a6b
commit 58481f66b8
3 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
packages/lib/server-only/2fa/is-2fa-availble.ts
View File

@ -1,4 +1,4 @@
import { User } from '@documenso/prisma/client';
import type { User } from '@documenso/prisma/client';
import { DOCUMENSO_ENCRYPTION_KEY } from '../../constants/crypto';
@ -9,9 +9,5 @@ type IsTwoFactorAuthenticationEnabledOptions = {
export const isTwoFactorAuthenticationEnabled = ({
user,
}: IsTwoFactorAuthenticationEnabledOptions) => {
return (
user.twoFactorEnabled &&
user.identityProvider === 'DOCUMENSO' &&
typeof DOCUMENSO_ENCRYPTION_KEY === 'string'
);
return user.twoFactorEnabled && typeof DOCUMENSO_ENCRYPTION_KEY === 'string';
};