Skip to content

[PM-21281] Email TOTP sent twice when user only has Email MFA enabled#5782

Merged
ike-kottlowski merged 3 commits intomainfrom
auth/pm-21281/double-email-totp-on-login
May 9, 2025
Merged

[PM-21281] Email TOTP sent twice when user only has Email MFA enabled#5782
ike-kottlowski merged 3 commits intomainfrom
auth/pm-21281/double-email-totp-on-login

Conversation

@ike-kottlowski
Copy link
Contributor

@ike-kottlowski ike-kottlowski commented May 7, 2025

🎟️ Tracking

PM-21281

📔 Objective

With the new two factor component refactors on the client we now send an email automatically when a user selects the email 2 factor option. Historically the server would assume and send an email automatically if email two factor was the only available option to the user. The team opted to not have the server make assumptions about what the client wishes to do and instead wait for instruction from the client.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@ike-kottlowski ike-kottlowski requested a review from a team as a code owner May 7, 2025 17:07
@ike-kottlowski ike-kottlowski requested a review from rr-bw May 7, 2025 17:07
@github-actions
Copy link
Contributor

github-actions bot commented May 7, 2025

Logo
Checkmarx One – Scan Summary & Detailse5e9da52-b545-4402-b090-0b63e653c96d

Fixed Issues (1)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
MEDIUM Use_Of_Hardcoded_Password /util/Seeder/Factories/UserSeeder.cs: 14

@codecov
Copy link

codecov bot commented May 7, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 47.19%. Comparing base (e465f2e) to head (fc371e2).
Report is 15 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #5782      +/-   ##
==========================================
- Coverage   47.25%   47.19%   -0.07%     
==========================================
  Files        1648     1646       -2     
  Lines       75061    75004      -57     
  Branches     6779     6781       +2     
==========================================
- Hits        35470    35398      -72     
- Misses      38107    38123      +16     
+ Partials     1484     1483       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@rr-bw rr-bw requested review from Patrick-Pimentel-Bitwarden and removed request for rr-bw May 7, 2025 22:24
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 9, 2025

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Good catch and good work! Thanks for keeping your eyes peeled for stuff like this.

@ike-kottlowski ike-kottlowski merged commit ead5bbd into main May 9, 2025
53 checks passed
@ike-kottlowski ike-kottlowski deleted the auth/pm-21281/double-email-totp-on-login branch May 9, 2025 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants