diff options
| author | Stefan Melmuk <[email protected]> | 2024-03-17 22:35:02 +0100 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-03-17 22:35:02 +0100 |
| commit | 79ce5b49bc61227101aa0668a4ab3b8bdf4f32ef (patch) | |
| tree | 63134184ad6fbe627ac6c7b9f4f2bf0576ed54eb /src/config.rs | |
| parent | 7c3cad197c9144977164d2b66e70c206b3b771d9 (diff) | |
| download | vaultwarden-79ce5b49bc61227101aa0668a4ab3b8bdf4f32ef.tar.gz vaultwarden-79ce5b49bc61227101aa0668a4ab3b8bdf4f32ef.zip | |
automatically use email address as 2fa provider (#4317)
Diffstat (limited to 'src/config.rs')
| -rw-r--r-- | src/config.rs | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/config.rs b/src/config.rs index 01f387ec..489a229d 100644 --- a/src/config.rs +++ b/src/config.rs @@ -686,6 +686,10 @@ make_config! { email_expiration_time: u64, true, def, 600; /// Maximum attempts |> Maximum attempts before an email token is reset and a new email will need to be sent email_attempts_limit: u64, true, def, 3; + /// Automatically enforce at login |> Setup email 2FA provider regardless of any organization policy + email_2fa_enforce_on_verified_invite: bool, true, def, false; + /// Auto-enable 2FA (Know the risks!) |> Automatically setup email 2FA as fallback provider when needed + email_2fa_auto_fallback: bool, true, def, false; }, } @@ -888,6 +892,13 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { err!("To enable email 2FA, a mail transport must be configured") } + if !cfg._enable_email_2fa && cfg.email_2fa_enforce_on_verified_invite { + err!("To enforce email 2FA on verified invitations, email 2fa has to be enabled!"); + } + if !cfg._enable_email_2fa && cfg.email_2fa_auto_fallback { + err!("To use email 2FA as automatic fallback, email 2fa has to be enabled!"); + } + // Check if the icon blacklist regex is valid if let Some(ref r) = cfg.icon_blacklist_regex { let validate_regex = regex::Regex::new(r); |