[PR #6495] [MERGED] fix email as 2fa for sso #16635

Closed
opened 2026-04-23 08:00:17 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/6495
Author: @stefan0xC
Created: 11/26/2025
Status: Merged
Merged: 12/6/2025
Merged by: @dani-garcia

Base: mainHead: fix-2fa-email-for-sso


📝 Commits (6)

  • b953411 fix email as 2fa for sso
  • 293e1b8 allow saving device without updating updated_at
  • 531bf44 check if email is some
  • 7b56458 allow device to be saved in postgresql
  • c5fe9a1 use twofactor_incomplete table
  • 72a8313 no need to update device.updated_at

📊 Changes

7 files changed (+93 additions, -60 deletions)

View changed files

📝 src/api/core/accounts.rs (+1 -1)
📝 src/api/core/two_factor/email.rs (+32 -15)
📝 src/api/identity.rs (+15 -9)
📝 src/api/push.rs (+1 -1)
📝 src/auth.rs (+1 -1)
📝 src/db/models/device.rs (+27 -31)
📝 src/db/models/user.rs (+16 -2)

📄 Description

only validate master password hash if an email is provided and improve the find_by_device lookup by sorting by the most recently used device (i.e. the one last updated, which we make sure by saving the device on each login attempt).

(I think I got rid of the issue by updating the device on each login, if not I can restore the alternative version again.)


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/6495 **Author:** [@stefan0xC](https://github.com/stefan0xC) **Created:** 11/26/2025 **Status:** ✅ Merged **Merged:** 12/6/2025 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `fix-2fa-email-for-sso` --- ### 📝 Commits (6) - [`b953411`](https://github.com/dani-garcia/vaultwarden/commit/b953411dd51bac05aba8821c1037bde0039b7e47) fix email as 2fa for sso - [`293e1b8`](https://github.com/dani-garcia/vaultwarden/commit/293e1b8beba471e09cab4f36a8495b6e0c4ae2ce) allow saving device without updating `updated_at` - [`531bf44`](https://github.com/dani-garcia/vaultwarden/commit/531bf440b6b2ca61aac6d62903cad4ddba936697) check if email is some - [`7b56458`](https://github.com/dani-garcia/vaultwarden/commit/7b56458e89d966bb1b7af83fa9419e9b02c99901) allow device to be saved in postgresql - [`c5fe9a1`](https://github.com/dani-garcia/vaultwarden/commit/c5fe9a134fbee7625f4c4ab614ce280c13dfefbe) use twofactor_incomplete table - [`72a8313`](https://github.com/dani-garcia/vaultwarden/commit/72a83130ae88f74afece62958fc7d83108bfa0f7) no need to update device.updated_at ### 📊 Changes **7 files changed** (+93 additions, -60 deletions) <details> <summary>View changed files</summary> 📝 `src/api/core/accounts.rs` (+1 -1) 📝 `src/api/core/two_factor/email.rs` (+32 -15) 📝 `src/api/identity.rs` (+15 -9) 📝 `src/api/push.rs` (+1 -1) 📝 `src/auth.rs` (+1 -1) 📝 `src/db/models/device.rs` (+27 -31) 📝 `src/db/models/user.rs` (+16 -2) </details> ### 📄 Description only validate master password hash if an email is provided and improve the find_by_device lookup by sorting by the most recently used device (i.e. the one last updated, which we make sure by saving the device on each login attempt). (I think I got rid of the issue by updating the device on each login, if not I can restore the [alternative version again](https://github.com/dani-garcia/vaultwarden/blob/68c59d517aa7eaf02de27acbc5eab0e58ff52589/src/db/models/user.rs#L389-L401).) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-04-23 08:00:17 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#16635