[SG-656] Send a captcha bypass token back from the register endpoint #2278

addisonbeck · 2022-09-14T18:07:48Z

https://bitwarden.atlassian.net/jira/software/c/projects/SG/boards/71?modal=detail&selectedIssue=SG-656

This will be part of a cloud server hotfix.

Type of change

- [x] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

The trial initiation flow has a registration step that automatically does a login in the background. This has Captcha problems, namely that it can spawn two captchas in a row - one during registration and one during login. This is not ideal UX, so we've added a bypass token that returns from the registration endpoint that can be used to skip the next captcha.

bitwarden/clients#3531 depends on this change.

Code changes

Create a model to encapsulate a RegistrationResponse
Generate a user CaptchaBypassToken after a successful registration that we return to caller.

Before you submit

Please check for formatting errors (dotnet format --verify-no-changes) (required)
If making database changes - make sure you also update Entity Framework queries and/or migrations
Please add unit tests where it makes sense to do so (encouraged but not required)
If this change requires a documentation update - notify the documentation team
If this change has particular deployment requirements - notify the DevOps team

differsthecat

Nice solution!

src/Identity/Controllers/AccountsController.cs

src/Identity/Models/RegisterResponseModel.cs

…2278) * Send a captcha bypass token back from the register endpoint * [review] Use existing user * [review] Introduce ICaptcheProtectedResponseModel

Send a captcha bypass token back from the register endpoint

f3581c3

addisonbeck mentioned this pull request Sep 14, 2022

[SG-656] Use a captcha bypass during registration bitwarden/clients#3531

Merged

addisonbeck marked this pull request as ready for review September 14, 2022 18:17

addisonbeck requested review from MGibson1, trmartin4 and a team September 14, 2022 18:19

differsthecat previously approved these changes Sep 14, 2022

View reviewed changes

MGibson1 reviewed Sep 14, 2022

View reviewed changes

src/Identity/Controllers/AccountsController.cs Outdated Show resolved Hide resolved

src/Identity/Models/RegisterResponseModel.cs Outdated Show resolved Hide resolved

[review] Use existing user

97c9442

addisonbeck dismissed differsthecat’s stale review via 97c9442 September 14, 2022 19:40

addisonbeck added 2 commits September 14, 2022 15:42

Merge branch 'master' into fix/trialInitiation

d2a85e2

[review] Introduce ICaptcheProtectedResponseModel

34e01b6

MGibson1 approved these changes Sep 14, 2022

View reviewed changes

addisonbeck merged commit 287dc2e into master Sep 15, 2022

addisonbeck deleted the fix/trialInitiation branch September 15, 2022 14:02

addisonbeck mentioned this pull request Sep 16, 2022

[SG-656] Update API endpoint to use RegisterResponseModel #2282

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SG-656] Send a captcha bypass token back from the register endpoint #2278

[SG-656] Send a captcha bypass token back from the register endpoint #2278

addisonbeck commented Sep 14, 2022 •

edited

differsthecat left a comment

[SG-656] Send a captcha bypass token back from the register endpoint #2278

[SG-656] Send a captcha bypass token back from the register endpoint #2278

Conversation

addisonbeck commented Sep 14, 2022 • edited

Type of change

Objective

Code changes

Before you submit

differsthecat left a comment

Choose a reason for hiding this comment

addisonbeck commented Sep 14, 2022 •

edited