Add user verification to reset password request (#1980)

We only need master password hash because this is currently only used for sso password setting after auto-provisioning. Key Connector is not involved in these accounts
2022-07-06 18:23:20 -04:00 · 2022-07-06 18:23:20 -04:00 · 58a3662d0f
parent 6c7413e38c
commit 58a3662d0f
2 changed files with 3 additions and 1 deletions
--- a/src/App/Pages/Accounts/SetPasswordPageViewModel.cs
+++ b/src/App/Pages/Accounts/SetPasswordPageViewModel.cs
@ -219,7 +219,8 @@ namespace Bit.App.Pages
                    // Request
                    var resetRequest = new OrganizationUserResetPasswordEnrollmentRequest
                    {
-                        ResetPasswordKey = encryptedKey.EncryptedString
+                        ResetPasswordKey = encryptedKey.EncryptedString,
+                        MasterPasswordHash = masterPasswordHash,
                    };
                    var userId = await _stateService.GetActiveUserIdAsync();
                    // Enroll user
--- a/src/Core/Models/Request/OrganizationUserResetPasswordEnrollmentRequest.cs
+++ b/src/Core/Models/Request/OrganizationUserResetPasswordEnrollmentRequest.cs
@ -2,6 +2,7 @@
 {
    public class OrganizationUserResetPasswordEnrollmentRequest
    {
+        public string MasterPasswordHash { get; set; }
        public string ResetPasswordKey { get; set; }
    }
 }