[PR #555] [MERGED] Add Email 2FA login #2754

New issue

Closed

opened 2026-03-03 08:52:55 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 08:52:55 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/555
Author: @vplme
Created: 8/4/2019
Status: ✅ Merged
Merged: 8/27/2019
Merged by: @dani-garcia

Base: master ← Head: email-codes

📝 Commits (10+)

0b60f20 Add email message for twofactor email codes
27e0e41 Add email authenticator logic
29aedd3 Add email code logic and move two_factor into separate modules
efd8d9f Remove some unused imports, unneeded mut variables
6d460b4 Use saved token for email 2fa codes
5609103 Use ring to generate email token
ad2225b Add configuration options for Email 2FA
591ae10 Get token from single u64
c99df1c Compare token using crypto::ct_eq
5d50b1e Merge remote-tracking branch 'upstream/master' into email-codes

📊 Changes

13 files changed (+1674 additions, -1064 deletions)

View changed files

➖ src/api/core/two_factor.rs (+0 -1037)
➕ src/api/core/two_factor/authenticator.rs (+120 -0)
➕ src/api/core/two_factor/duo.rs (+346 -0)
➕ src/api/core/two_factor/email.rs (+341 -0)
➕ src/api/core/two_factor/mod.rs (+146 -0)
➕ src/api/core/two_factor/u2f.rs (+315 -0)
➕ src/api/core/two_factor/yubikey.rs (+194 -0)
📝 src/api/identity.rs (+32 -19)
📝 src/config.rs (+21 -0)
📝 src/db/models/two_factor.rs (+8 -8)
📝 src/mail.rs (+13 -0)
➕ src/static/templates/email/twofactor_email.hbs (+9 -0)
➕ src/static/templates/email/twofactor_email.html.hbs (+129 -0)

📄 Description

Added email code templates for sending emails
Moved twofactor options into different files/modules
Tried using TOTP for email token codes but that using that didn't make sense. Currently generating a code, serializing and saving it into the data field. Is this a reasonable solution?
Using a TwoFactorType ::EmailVerificationChallenge to show that an email has not been verified yet. After verification it is of TwoFactorType::Email type.

If merged:

web vault builds change required so it no longer hides the 2FA Email button

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/555 **Author:** [@vplme](https://github.com/vplme) **Created:** 8/4/2019 **Status:** ✅ Merged **Merged:** 8/27/2019 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `master` ← **Head:** `email-codes` --- ### 📝 Commits (10+) - [`0b60f20`](https://github.com/dani-garcia/vaultwarden/commit/0b60f20eb3d598acb0525a098445b56672b83985) Add email message for twofactor email codes - [`27e0e41`](https://github.com/dani-garcia/vaultwarden/commit/27e0e41835a09d3e6e5a2d00ad606fc998dda72d) Add email authenticator logic - [`29aedd3`](https://github.com/dani-garcia/vaultwarden/commit/29aedd388e0ff6558c4ee57db8c8e74b4d899be8) Add email code logic and move two_factor into separate modules - [`efd8d9f`](https://github.com/dani-garcia/vaultwarden/commit/efd8d9f5284abb8a9710b80bee2d863458a096dd) Remove some unused imports, unneeded mut variables - [`6d460b4`](https://github.com/dani-garcia/vaultwarden/commit/6d460b44b0484f7c191a807d8608f958cd1a7a23) Use saved token for email 2fa codes - [`5609103`](https://github.com/dani-garcia/vaultwarden/commit/5609103a97f44c7dc4aa7269d80f2df30d50e276) Use ring to generate email token - [`ad2225b`](https://github.com/dani-garcia/vaultwarden/commit/ad2225b6e58bcaf2f6fd9058a316c028b0b3ec8f) Add configuration options for Email 2FA - [`591ae10`](https://github.com/dani-garcia/vaultwarden/commit/591ae101448a19555fce5bca4f5caed0ff82457c) Get token from single u64 - [`c99df1c`](https://github.com/dani-garcia/vaultwarden/commit/c99df1c310d7ba7a9fbe9026646f8a951b1596c9) Compare token using crypto::ct_eq - [`5d50b1e`](https://github.com/dani-garcia/vaultwarden/commit/5d50b1ee3cfe3b4028a876900f61ca3138561fc8) Merge remote-tracking branch 'upstream/master' into email-codes ### 📊 Changes **13 files changed** (+1674 additions, -1064 deletions) <details> <summary>View changed files</summary> ➖ `src/api/core/two_factor.rs` (+0 -1037) ➕ `src/api/core/two_factor/authenticator.rs` (+120 -0) ➕ `src/api/core/two_factor/duo.rs` (+346 -0) ➕ `src/api/core/two_factor/email.rs` (+341 -0) ➕ `src/api/core/two_factor/mod.rs` (+146 -0) ➕ `src/api/core/two_factor/u2f.rs` (+315 -0) ➕ `src/api/core/two_factor/yubikey.rs` (+194 -0) 📝 `src/api/identity.rs` (+32 -19) 📝 `src/config.rs` (+21 -0) 📝 `src/db/models/two_factor.rs` (+8 -8) 📝 `src/mail.rs` (+13 -0) ➕ `src/static/templates/email/twofactor_email.hbs` (+9 -0) ➕ `src/static/templates/email/twofactor_email.html.hbs` (+129 -0) </details> ### 📄 Description - Added email code templates for sending emails - Moved twofactor options into different files/modules - Tried using TOTP for email token codes but that using that didn't make sense. Currently generating a code, serializing and saving it into the `data` field. Is this a reasonable solution? - Using a `TwoFactorType ::EmailVerificationChallenge` to show that an email has not been verified yet. After verification it is of `TwoFactorType::Email` type. If merged: - [ ] web vault builds change required so it no longer hides the 2FA Email button --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>