[PR #3803] [MERGED] enforce 2FA policy on removal of second factor and login #3310

New Issue

Closed

opened 2026-02-05 05:22:48 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2026-02-05 05:22:48 +03:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/3803
Author: @stefan0xC
Created: 8/27/2023
Status: ✅ Merged
Merged: 1/1/2024
Merged by: @dani-garcia

Base: main ← Head: enforce-2fa-policy-on-removal

---

📝 Commits (3)

• cb36ee5 enforce 2fa policy on removal of second factor
• d5847e6 use &str instead of String in log_event()
• 8a8b0c7 enforce the 2fa policy on login

📊 Changes

7 files changed (+163 additions, -122 deletions)

View changed files

📝 src/api/admin.rs (+8 -4)
📝 src/api/core/ciphers.rs (+8 -16)
📝 src/api/core/events.rs (+2 -2)
📝 src/api/core/organizations.rs (+35 -58)
📝 src/api/core/two_factor/mod.rs (+79 -17)
📝 src/api/identity.rs (+21 -25)
📝 src/db/models/organization.rs (+10 -0)

📄 Description

after a user's 2FA is removed, they should be deleted from all organizations where the 2fA policy is enforced.

fixes #3798

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/3803 **Author:** [@stefan0xC](https://github.com/stefan0xC) **Created:** 8/27/2023 **Status:** ✅ Merged **Merged:** 1/1/2024 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `enforce-2fa-policy-on-removal` --- ### 📝 Commits (3) - [`cb36ee5`](https://github.com/dani-garcia/vaultwarden/commit/cb36ee5415a021da7b8c3bc2019a833bbb172c85) enforce 2fa policy on removal of second factor - [`d5847e6`](https://github.com/dani-garcia/vaultwarden/commit/d5847e60a85ee8c59e938a39d6c3dd8a41c1a5ac) use &str instead of String in log_event() - [`8a8b0c7`](https://github.com/dani-garcia/vaultwarden/commit/8a8b0c727d8c6325100abf11f7cb49683424079f) enforce the 2fa policy on login ### 📊 Changes **7 files changed** (+163 additions, -122 deletions) <details> <summary>View changed files</summary> 📝 `src/api/admin.rs` (+8 -4) 📝 `src/api/core/ciphers.rs` (+8 -16) 📝 `src/api/core/events.rs` (+2 -2) 📝 `src/api/core/organizations.rs` (+35 -58) 📝 `src/api/core/two_factor/mod.rs` (+79 -17) 📝 `src/api/identity.rs` (+21 -25) 📝 `src/db/models/organization.rs` (+10 -0) </details> ### 📄 Description after a user's 2FA is removed, they should be deleted from all organizations where the 2fA policy is enforced. fixes #3798 --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

OVERLORD added the pull-request label 2026-02-05 05:22:48 +03:00

OVERLORD closed this issue 2026-02-05 05:22:51 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#3310