Beispiel #1
        /// <summary>
        /// Checks the one time code supplied in <paramref name="model"/> for the named user
        /// and, when the code verifies, signs the user in and redirects.
        /// </summary>
        /// <param name="model">
        /// Username, one time code and stay-signed-in flag. <c>model.OneTimeCode</c> is
        /// overwritten in place with its space-stripped form; a null value throws on the
        /// <c>Replace</c> call.
        /// </param>
        /// <returns>
        /// The result of <c>SignInAndRedirectAsync</c> on success, an <c>Unauthenticated</c>
        /// status for rejected attempts, or a <c>ServerError</c> status for a service failure
        /// or an unrecognised status code.
        /// </returns>
        public async Task <WebStatus> AuthenticateCodeAsync(AuthenticateInputModel model)
        {
            _logger.LogDebug("Begin one time code authentication for {0}", model.Username);

            // One shared message for "no such user" and "wrong code", so the response text
            // alone does not tell the caller which of the two happened.
            var invalidCredentialsText = _localizer["The username or one time code wasn't right."];
            var lookup                 = await _userStore.GetUserByUsernameAsync(model.Username);

            if (lookup.HasError)
            {
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.AccountNotFound, nameof(AuthenticateCodeAsync));

                _logger.LogDebug("User not found: {0}", model.Username);
                return Unauthenticated(invalidCredentialsText);
            }

            var account = lookup.Result;

            // Spaces are dropped before the check; the model itself is updated, so callers
            // holding the same instance see the normalised code.
            model.OneTimeCode = model.OneTimeCode.Replace(" ", "");
            var codeCheck = await _oneTimeCodeService.CheckOneTimeCodeAsync(account.Email, model.OneTimeCode, _httpContext.Request.GetClientNonce());
            var status    = codeCheck.Status.StatusCode;

            // NOTE(review): the Expired and ShortCodeLocked messages below are only reachable
            // after the user lookup succeeded, so they differ from what an unknown username
            // gets back - confirm that this account-existence signal is acceptable.
            switch (status)
            {
                case CheckOneTimeCodeStatusCode.VerifiedWithNonce:
                case CheckOneTimeCodeStatusCode.VerifiedWithoutNonce:
                {
                    // Whether the client nonce matched is handed on to the sign-in step.
                    var verifiedWithNonce = status == CheckOneTimeCodeStatusCode.VerifiedWithNonce;
                    await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInSuccess, SignInType.OneTimeCode.ToString());

                    // The redirect target comes from the code-check result, not from the request
                    // model. NOTE(review): its validation is not visible here - confirm it is
                    // constrained where it is stored or consumed.
                    return await SignInAndRedirectAsync(SignInMethod.OneTimeCode, model.Username, model.StaySignedIn, codeCheck.Result.RedirectUrl, verifiedWithNonce);
                }

                case CheckOneTimeCodeStatusCode.Expired:
                {
                    await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());

                    return Unauthenticated(_localizer["Your one time code has expired. Please request a new one."]);
                }

                case CheckOneTimeCodeStatusCode.CodeIncorrect:
                case CheckOneTimeCodeStatusCode.NotFound:
                {
                    await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());

                    return Unauthenticated(invalidCredentialsText);
                }

                case CheckOneTimeCodeStatusCode.ShortCodeLocked:
                {
                    // NOTE(review): unlike the other rejected branches, no event is raised here.
                    // Attempts against a locked code are a useful detection signal; confirm the
                    // omission is deliberate (e.g. to avoid notification floods).
                    return Unauthenticated(_localizer["The one time code is locked. Please request a new one after a few minutes."]);
                }

                case CheckOneTimeCodeStatusCode.ServiceFailure:
                default:
                {
                    // Unknown status codes are treated like a service failure, never as success.
                    return ServerError(_localizer["Something went wrong."]);
                }
            }
        }
Beispiel #2
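        /// <summary>
        /// Entry point for the combined password / one time code field: decides from the
        /// shape of the submitted value which authentication path to run.
        /// </summary>
        /// <param name="model">
        /// Username, submitted secret (<c>model.Password</c>) and stay-signed-in flag.
        /// A null <c>model.Password</c> throws on the <c>Replace</c> call.
        /// </param>
        /// <returns>
        /// The result of <c>AuthenticateCodeAsync</c> when the value has the shape of a short
        /// code, otherwise the result of <c>AuthenticatePasswordAsync</c>.
        /// </returns>
        public async Task <WebStatus> AuthenticateAsync(AuthenticatePasswordInputModel model)
        {
            _logger.LogDebug("Begin authentication for {0}", model.Username);

            var oneTimeCode = model.Password.Replace(" ", "");

            // Only ASCII 0-9 count as code digits. Char.IsDigit also accepts every other
            // Unicode decimal digit (full-width, Arabic-Indic, ...), which would route such
            // input to the code check, where it is handled as a code attempt rather than
            // being verified as a password.
            // Presumably short codes are issued as ASCII digits - confirm against the generator.
            var looksLikeShortCode =
                oneTimeCode.Length == PasswordlessLoginConstants.OneTimeCode.ShortCodeLength &&
                oneTimeCode.All(c => c >= '0' && c <= '9');

            // NOTE(review): a real password that consists of exactly ShortCodeLength digits
            // is never checked as a password by this method - confirm the password policy
            // rules such values out.
            if (looksLikeShortCode)
            {
                // Only the branch taken is logged; the submitted value itself is not.
                _logger.LogDebug("Password was a one time code.");
                var input = new AuthenticateInputModel()
                {
                    Username     = model.Username,
                    OneTimeCode  = oneTimeCode,
                    StaySignedIn = model.StaySignedIn
                };
                return await AuthenticateCodeAsync(input);
            }

            _logger.LogDebug("Password was not a six-digit number");
            return await AuthenticatePasswordAsync(model);
        }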