RocketChat · sampaiodiego · Sep 11, 2020 · Sep 11, 2020 · Sep 11, 2020
diff --git a/app/2fa/server/code/index.ts b/app/2fa/server/code/index.ts
@@ -43,6 +43,7 @@ export function getUserForCheck(userId: string): IUser {
 		fields: {
 			emails: 1,
 			language: 1,
+			createdAt: 1,
 			'services.totp': 1,
 			'services.email2fa': 1,
 			'services.emailCode': 1,
@@ -61,6 +62,19 @@ export function getFingerprintFromConnection(connection: IMethodConnection): str
 	return crypto.createHash('md5').update(data).digest('hex');
 }
 
+function getRememberDate(from: Date = new Date()): Date | undefined {
+	const rememberFor = parseInt(settings.get('Accounts_TwoFactorAuthentication_RememberFor') as string, 10);
+
+	if (rememberFor <= 0) {
+		return;
+	}
+
+	const expires = new Date(from);
+	expires.setSeconds(expires.getSeconds() + rememberFor);
+
+	return expires;
+}
+
 export function isAuthorizedForToken(connection: IMethodConnection, user: IUser, options: ITwoFactorOptions): boolean {
 	const currentToken = Accounts._getLoginToken(connection.id);
 	const tokenObject = user.services?.resume?.loginTokens?.find((i) => i.hashedToken === currentToken);
@@ -77,6 +91,12 @@ export function isAuthorizedForToken(connection: IMethodConnection, user: IUser,
 		return false;
 	}
 
+	// remember user right after their registration
+	const rememberAfterRegistration = user.createdAt && getRememberDate(user.createdAt);
+	if (rememberAfterRegistration && rememberAfterRegistration >= new Date()) {
+		return true;
+	}
+
 	if (!tokenObject.twoFactorAuthorizedUntil || !tokenObject.twoFactorAuthorizedHash) {
 		return false;
 	}
@@ -95,15 +115,11 @@ export function isAuthorizedForToken(connection: IMethodConnection, user: IUser,
 export function rememberAuthorization(connection: IMethodConnection, user: IUser): void {
 	const currentToken = Accounts._getLoginToken(connection.id);
 
-	const rememberFor = parseInt(settings.get('Accounts_TwoFactorAuthentication_RememberFor') as string, 10);
-
-	if (rememberFor <= 0) {
+	const expires = getRememberDate();
+	if (!expires) {
 		return;
 	}
 
-	const expires = new Date();
-	expires.setSeconds(expires.getSeconds() + rememberFor);
-
 	Users.setTwoFactorAuthorizationHashAndUntilForUserIdAndToken(user._id, currentToken, getFingerprintFromConnection(connection), expires);
 }
 

diff --git a/app/lib/server/startup/settings.js b/app/lib/server/startup/settings.js
@@ -2679,7 +2679,7 @@ settings.addGroup('Setup_Wizard', function() {
 		this.add('Allow_Marketing_Emails', true, {
 			type: 'boolean',
 		});
-		this.add('Register_Server', true, {
+		this.add('Register_Server', false, {
 			type: 'boolean',
 		});
 		this.add('Organization_Email', '', {