public async Task <bool> ValidateAsync(string purpose, string token, UserManager <TUser, TKey> manager, TUser user)
        {
            var twoFactAuthManager = manager as IUserManagerSupportsTwoFactorAuthStore <TUser, TKey>;

            if (twoFactAuthManager == null)
            {
                throw new InvalidOperationException(Messages.IUserManagerSupportsTwoFactorAuthStoreNotImplemented);
            }
            if (!twoFactAuthManager.IsSupported())
            {
                throw new InvalidOperationException(Messages.ITwoFactorCodeStoreNotImplemented);
            }

            var data = await twoFactAuthManager.GetTwoFactorAuthDataAsync(user);

            if (data != null &&
                data.HashedCode != null &&
                UtcNow < data.DateIssued.Add(this.ValidityDuration))
            {
                var stamp = await manager.GetSecurityStampAsync(user.Id);

                purpose += stamp;

                var hasher = new AdaptivePasswordHasher(this.HashingIterations);
                return(hasher.VerifyHashedPassword(data.HashedCode, purpose + token) != PasswordVerificationResult.Failed);
            }

            return(false);
        }
        public async Task <string> GenerateAsync(string purpose, UserManager <TUser, TKey> manager, TUser user)
        {
            var twoFactAuthManager = manager as IUserManagerSupportsTwoFactorAuthStore <TUser, TKey>;

            if (twoFactAuthManager == null)
            {
                throw new InvalidOperationException(Messages.IUserManagerSupportsTwoFactorAuthStoreNotImplemented);
            }
            if (!twoFactAuthManager.IsSupported())
            {
                throw new InvalidOperationException(Messages.ITwoFactorCodeStoreNotImplemented);
            }

            var stamp = await manager.GetSecurityStampAsync(user.Id);

            purpose += stamp;

            var bytes = Crypto.GenerateSaltInternal(sizeof(long));
            var val   = BitConverter.ToInt64(bytes, 0);
            var mod   = (int)Math.Pow(10, Digits);

            val %= mod;
            val  = Math.Abs(val);

            var code = val.ToString("D" + Digits);

            var hasher     = new AdaptivePasswordHasher(this.HashingIterations);
            var hashedCode = hasher.HashPassword(purpose + code);

            var data = new TwoFactorAuthData {
                HashedCode = hashedCode, DateIssued = UtcNow
            };
            await twoFactAuthManager.SetTwoFactorAuthDataAsync(user, data);

            await manager.UpdateAsync(user);

            return(code);
        }
Beispiel #3
0
 public IdentityRebootUserManager(IUserStore <TUser, TKey> store, int hashingIterations)
     : base(store)
 {
     PasswordHasher = new AdaptivePasswordHasher(hashingIterations);
 }
Beispiel #4
0
 public IdentityRebootUserManager(IUserStore <TUser, TKey> store)
     : base(store)
 {
     PasswordHasher = new AdaptivePasswordHasher();
 }