public async Task <TwoFactorResponseModel> PutTwoFactor([FromBody] UpdateTwoFactorRequestModel model)
{
var user = await _userService.GetUserByPrincipalAsync(User);
if (!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
if (!await _userManager.VerifyTwoFactorTokenAsync(user, TwoFactorProviderType.Authenticator.ToString(), model.Token))
{
await Task.Delay(2000);
throw new BadRequestException("Token", "Invalid token.");
}
user.TwoFactorProvider = TwoFactorProviderType.Authenticator;
user.TwoFactorEnabled = model.Enabled.Value;
user.TwoFactorRecoveryCode = user.TwoFactorEnabled ? Guid.NewGuid().ToString("N") : null;
await _userService.SaveUserAsync(user);
var response = new TwoFactorResponseModel(user);
return(response);
}
public async Task <TwoFactorResponseModel> PutTwoFactor([FromBody] UpdateTwoFactorRequestModel model)
{
var user = _currentContext.User;
if (!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
if (model.Enabled.Value && !await _userManager.VerifyTwoFactorTokenAsync(user, "Authenticator", model.Token))
{
await Task.Delay(2000);
throw new BadRequestException("Token", "Invalid token.");
}
user.TwoFactorProvider = TwoFactorProvider.Authenticator;
user.TwoFactorEnabled = model.Enabled.Value;
await _userService.SaveUserAsync(user);
var response = new TwoFactorResponseModel(user);
return(response);
}
