/// <summary>
/// Links an external identity-provider login to an existing local user.
/// </summary>
/// <param name="user">Local account that receives the external login.</param>
/// <param name="provider">External provider; its name is used as both the login provider and the display name.</param>
/// <param name="userInfo">Profile returned by the provider; only <c>Id</c> is read, and it becomes the provider key.</param>
/// <returns><c>true</c> when the login was attached; otherwise <c>false</c> (the result's error details are discarded).</returns>
/// <remarks>
/// This method only attaches the login; it does not sign the user in.
/// NOTE(review): the binding is only as trustworthy as <c>userInfo.Id</c> - confirm that callers take it from a
/// validated provider response and never from request parameters.
/// </remarks>
private async Task<bool> CreateExternalLogin(DAL.Models.Identity.User user, LoginProvider provider, UserInfo userInfo)
{
    var externalLogin = new UserLoginInfo(provider.ToString(), userInfo.Id, provider.ToString());

    var attachResult = await UserManager.AddLoginAsync(user, externalLogin);
    return attachResult.Succeeded;
}
// ---
/// <summary>
/// Builds a user activity record. The object is only constructed here; saving it is left to the caller.
/// </summary>
/// <param name="user">User the activity belongs to; only <c>Id</c> is read.</param>
/// <param name="type">Activity type, stored as its lower-cased (invariant) enum name.</param>
/// <param name="comment">Free-text comment, truncated via <c>Limit</c> to <c>FieldMaxLength.Comment</c>.</param>
/// <param name="ip">Client IP address, stored as passed.</param>
/// <param name="agent">Client user agent, truncated via <c>Limit</c> to <c>FieldMaxLength.UserAgent</c>.</param>
/// <param name="locale">Locale recorded with the activity.</param>
/// <returns>A new activity record timestamped with the current UTC time.</returns>
/// <remarks>
/// NOTE(review): <paramref name="ip"/> and <paramref name="agent"/> presumably come from the HTTP request and are
/// client-controlled - treat the stored values as untrusted when they are displayed or exported.
/// NOTE(review): <c>Limit</c> is invoked directly on <paramref name="agent"/> and <paramref name="comment"/>;
/// whether it tolerates null (e.g. a request without a User-Agent header) depends on its implementation - confirm.
/// </remarks>
public static DAL.Models.UserActivity CreateUserActivity(DAL.Models.Identity.User user, UserActivityType type, string comment, string ip, string agent, Locale locale) =>
    new DAL.Models.UserActivity
    {
        UserId = user.Id,
        Ip = ip,
        Agent = agent.Limit(DAL.Models.FieldMaxLength.UserAgent),
        Type = type.ToString().ToLowerInvariant(),
        Comment = comment.Limit(DAL.Models.FieldMaxLength.Comment),
        TimeCreated = DateTime.UtcNow,
        Locale = locale,
    };
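/// <summary>
/// Builds the verification (KYC) view for a user: progress flags plus the personal data currently on file.
/// </summary>
/// <param name="user">User whose verification record is projected; must not be null.</param>
/// <returns>A view in which every missing personal-data field is an empty string.</returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="user"/> is null.</exception>
/// <remarks>
/// The view carries personal data (name, date of birth, phone number, address).
/// NOTE(review): confirm that callers return it only to the authenticated owner of <paramref name="user"/>.
/// </remarks>
private VerificationView MakeVerificationView(DAL.Models.Identity.User user)
{
    if (user == null)
    {
        throw new ArgumentException("User must be specified");
    }

    var verification = user.UserVerification;
    var lastTicket = verification?.LastKycTicket;

    var kycFinished = CoreLogic.User.HasKycVerification(verification);

    // Pending = not yet verified, the last ticket has no response, and it was created less than
    // AllowedPeriodBetweenKycRequests ago.
    var kycPending =
        !kycFinished
        && lastTicket != null
        && lastTicket.TimeResponded == null
        && (DateTime.UtcNow - lastTicket.TimeCreated) < AllowedPeriodBetweenKycRequests;

    var agrSigned = CoreLogic.User.HasTosSigned(verification);

    return new VerificationView()
    {
        IsFormFilled = CoreLogic.User.HasFilledPersonalData(verification),
        IsKycPending = kycPending,
        IsKycFinished = kycFinished,
        IsAgreementSigned = agrSigned,

        FirstName = verification?.FirstName ?? "",
        MiddleName = verification?.MiddleName ?? "",
        LastName = verification?.LastName ?? "",
        // Invariant culture keeps the date in the Gregorian calendar even if the request thread runs under
        // a culture whose default calendar differs.
        Dob = verification?.DoB?.ToString("dd.MM.yyyy", System.Globalization.CultureInfo.InvariantCulture) ?? "",
        PhoneNumber = verification?.PhoneNumber ?? "",
        Country = verification?.CountryCode ?? "",
        State = verification?.State ?? "",
        City = verification?.City ?? "",
        PostalCode = verification?.PostalCode ?? "",
        Street = verification?.Street ?? "",
        Apartment = verification?.Apartment ?? "",
    };
}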
// ---
/// <summary>
/// Resolves the user's tier from the state of the verification record.
/// </summary>
/// <param name="user">User to evaluate. A null user is not rejected; the three checks then receive a null record.</param>
/// <returns>
/// <c>Tier2</c> when the terms are signed, personal data is filled in and KYC is verified;
/// <c>Tier1</c> when only the terms are signed; otherwise <c>Tier0</c>.
/// </returns>
/// <remarks>
/// NOTE(review): for a null user or a missing verification record the outcome depends on how the three helper
/// checks treat null - presumably they return false, giving Tier0; confirm if tiers gate limits or features.
/// </remarks>
public static UserTier GetTier(DAL.Models.Identity.User user)
{
    var verification = user?.UserVerification;

    // All three checks are evaluated up front, in this order.
    bool tosSigned = HasTosSigned(verification);
    bool personalDataFilled = HasFilledPersonalData(verification);
    bool kycVerified = HasKycVerification(verification);

    // Without signed terms no higher tier is reachable, whatever the other checks say.
    if (!tosSigned)
    {
        return UserTier.Tier0;
    }

    return (personalDataFilled && kycVerified) ? UserTier.Tier2 : UserTier.Tier1;
}
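/// <summary>
/// Builds the two-factor setup view for a user.
/// </summary>
/// <param name="user">User whose TFA state and secret are read.</param>
/// <returns>
/// A view with <c>Enabled</c> set from the user. While TFA is disabled it also carries the Base32 secret and the
/// QR payload produced by <c>GoogleAuthenticator.MakeQRCode</c>; once TFA is enabled both stay null.
/// </returns>
/// <remarks>
/// While TFA is disabled the view contains the shared authenticator secret.
/// NOTE(review): confirm that callers return it only to the authenticated account owner and that the response is
/// neither logged nor cached.
/// </remarks>
private TfaView MakeTFASetupView(DAL.Models.Identity.User user)
{
    var ret = new TfaView()
    {
        Enabled = user.TwoFactorEnabled,
        QrData = null,
        Secret = null,
    };

    // The secret is exposed only for enrolment, i.e. while TFA is still off.
    if (!user.TwoFactorEnabled)
    {
        // NOTE(review): ASCII encoding turns every non-ASCII character into '?'; assumes TfaSecret is
        // ASCII-only and non-null - confirm where the secret is generated.
        var secretBytes = System.Text.Encoding.ASCII.GetBytes(user.TfaSecret);

        // Unpadded, upper-case Base32. Invariant casing keeps the text inside the Base32 alphabet regardless
        // of the thread culture (culture-sensitive ToUpper maps 'i' to a dotted capital under Turkish rules).
        var secretBase32 = Wiry.Base32.Base32Encoding.Standard
            .GetString(secretBytes)
            .Replace("=", "")
            .ToUpperInvariant();

        ret.QrData = Core.Tokens.GoogleAuthenticator.MakeQRCode(AppConfig.Auth.TwoFactorIssuer, user.UserName, secretBase32);
        ret.Secret = secretBase32;
    }

    return ret;
}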
/// <summary>
/// Translates a sign-in result into an API response, issuing either a TFA-area token or a fully authorized token.
/// </summary>
/// <param name="services">Service provider passed on to the access-rights lookup.</param>
/// <param name="result">Outcome of the sign-in attempt; may be null.</param>
/// <param name="user">User the token is issued for.</param>
/// <param name="audience">JWT audience the token is issued for.</param>
/// <param name="tfaRequired">Forces the TFA step even when <paramref name="result"/> does not require it.</param>
/// <returns>
/// A success response carrying a token; a bad-request response for a locked-out or not-allowed account;
/// or <c>null</c> when <paramref name="result"/> is null, matches none of the handled states, or no access-rights
/// mask resolves for the user and audience.
/// </returns>
private APIResponse OnSignInResultCheck(IServiceProvider services, SignInResult result, DAL.Models.Identity.User user, JwtAudience audience, bool tfaRequired)
{
    if (result == null)
    {
        return null;
    }

    var credentialsAccepted = result.Succeeded || result.RequiresTwoFactor;
    if (!credentialsAccepted)
    {
        // NOTE(review): these two responses differ from the null (not found) path, so they disclose account
        // state to the caller - confirm that is an accepted trade-off.
        if (result.IsLockedOut)
        {
            return APIResponse.BadRequest(APIErrorCode.AccountLocked, "Too many unsuccessful attempts to sign in. Account is locked, try to sign in later");
        }

        // NOTE(review): IsNotAllowed is always reported as an unconfirmed email; presumably email confirmation
        // is the only sign-in requirement configured - confirm.
        if (result.IsNotAllowed)
        {
            return APIResponse.BadRequest(APIErrorCode.AccountEmailNotConfirmed, "Email is not confirmed yet");
        }

        return null;
    }

    // No rights mask for this user and audience: answer with null, the same value as the not-found path.
    var accessRightsMask = Core.UserAccount.ResolveAccessRightsMask(services, audience, user);
    if (accessRightsMask == null)
    {
        return null;
    }

    // Second factor still outstanding: the token is scoped to JwtArea.Tfa; the JWT salt is left untouched and
    // nothing is saved on this path.
    if (tfaRequired || result.RequiresTwoFactor)
    {
        var tfaView = new AuthenticateView()
        {
            Token = JWT.CreateAuthToken(
                appConfig: AppConfig,
                user: user,
                audience: audience,
                area: JwtArea.Tfa,
                rightsMask: accessRightsMask.Value
            ),
            TfaRequired = true,
        };
        return APIResponse.Success(tfaView);
    }

    // Full sign-in: a new JWT salt is generated and saved before the token is created.
    // NOTE(review): presumably the new salt invalidates tokens issued earlier for this audience - confirm in
    // UserAccount.GenerateJwtSalt.
    UserAccount.GenerateJwtSalt(user, audience);
    DbContext.SaveChanges();

    var authorizedView = new AuthenticateView()
    {
        Token = JWT.CreateAuthToken(
            appConfig: AppConfig,
            user: user,
            audience: audience,
            area: JwtArea.Authorized,
            rightsMask: accessRightsMask.Value
        ),
        TfaRequired = false,
    };
    return APIResponse.Success(authorizedView);
}