/// <summary>
/// Return the view for the 2FA screen
/// </summary>
/// <param name="owinContext"></param>
/// <param name="umbracoContext"></param>
/// <param name="username"></param>
/// <returns></returns>
public string GetTwoFactorView(IOwinContext owinContext, UmbracoContext umbracoContext, string username)
{
var user = ApplicationContext.Current.Services.UserService.GetByUsername(username);
var database = new FortressDatabase();
var accountIsLockedFlag = HttpContext.Current.Items[FortressConstants.LockoutItemKey] as bool?;
if (accountIsLockedFlag.HasValue && accountIsLockedFlag.Value)
{
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/AccountLockout.html");
}
var details = database.GetUserDetails(user.Id);
if (details == null || !details.IsValidated)
{
//user needs setting up
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/Setup.html");
}
var provider = TwoFactorProviders[details.Provider];
//var providerDetails = provider as IuProtectTwoFactorProvider;
if (provider != null)
{
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/TwoFactorLogin.html");
}
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/GenericError.html");
}
public override async Task <SignInStatus> TwoFactorSignInAsync(string provider, string code, bool isPersistent,
bool rememberBrowser)
{
var result = await base.TwoFactorSignInAsync(provider, code, isPersistent, rememberBrowser);
var db = new FortressDatabase();
db.AddNewSignInEvent(this.GetVerifiedUserId(), result, true, Request.RemoteIpAddress);
return(result);
}
private static FirewallEntriesModel getFresh()
{
var model = new FirewallEntriesModel();
var db = new FortressDatabase();
model.BackOfficeBlackList = db.GetAllFirewallEntries(FirewallMode.BlackList, FirewallArea.BackOffice);
model.BackOfficeWhiteList = db.GetAllFirewallEntries(FirewallMode.WhiteList, FirewallArea.BackOffice);
model.FrontEndBlackList = db.GetAllFirewallEntries(FirewallMode.BlackList, FirewallArea.FrontEnd);
model.FrontEndWhiteList = db.GetAllFirewallEntries(FirewallMode.WhiteList, FirewallArea.FrontEnd);
return(model);
}
/// <summary>
/// Explicitly implement this interface method - which overrides the base class's implementation
/// </summary>
/// <param name="purpose"></param>
/// <param name="token"></param>
/// <param name="manager"></param>
/// <param name="user"></param>
/// <returns></returns>
Task <bool> IUserTokenProvider <BackOfficeIdentityUser, int> .ValidateAsync(string purpose, string token, UserManager <BackOfficeIdentityUser, int> manager, BackOfficeIdentityUser user)
{
var db = new FortressDatabase();
var details = db.GetUserDetails(user.Id);
if (details != null && details.Provider == "SMS")
{
return(Task.FromResult(details.CurrentCode == token));
}
return(Task.FromResult(false));
}
/// <summary>
/// Explicitly implement this interface method - which overrides the base class's implementation
/// </summary>
/// <param name="purpose"></param>
/// <param name="token"></param>
/// <param name="manager"></param>
/// <param name="user"></param>
/// <returns></returns>
Task <bool> IUserTokenProvider <BackOfficeIdentityUser, int> .ValidateAsync(string purpose, string token, UserManager <BackOfficeIdentityUser, int> manager, BackOfficeIdentityUser user)
{
TwoFactorAuthenticator tfa = new TwoFactorAuthenticator();
var db = new FortressDatabase();
var details = db.GetUserDetails(user.Id);
bool isCorrectPIN = tfa.ValidateTwoFactorPIN(details.Configuration, token);
if (details.IsValidated == false && isCorrectPIN)
{
details.IsValidated = true;
db.Update(details);
}
return(Task.FromResult(isCorrectPIN));
}
/// <summary>
/// Return the view for the 2FA screen
/// </summary>
/// <param name="owinContext"></param>
/// <param name="umbracoContext"></param>
/// <param name="username"></param>
/// <returns></returns>
public string GetTwoFactorView(IOwinContext owinContext, UmbracoContext umbracoContext, string username)
{
var user = ApplicationContext.Current.Services.UserService.GetByUsername(username);
var database = new FortressDatabase();
var details = database.GetUserDetails(user.Id);
var provider = TwoFactorProviders[details.Provider];
//var providerDetails = provider as IuProtectTwoFactorProvider;
if (provider != null)
{
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/TwoFactorLogin.html");
}
return("/App_Plugins/Umbraco2FA/backoffice/TwoFactor/GenericError.html");
}
/// <summary>
/// Returns whether two factor authentication is enabled for the user
/// </summary>
/// <param name="user"/>
/// <returns/>
/// <remarks>
/// This Demo does not persist any data, so this method for this Demo always returns true.
/// If you want to have 2FA configured per user, you will need to store that information somewhere.
/// See the notes above in the SetTwoFactorEnabledAsync method.
/// </remarks>
public override Task <bool> GetTwoFactorEnabledAsync(BackOfficeIdentityUser user)
{
var db = new FortressDatabase();
var details = db.GetUserDetails(user.Id);
if (details != null && details.IsValidated)
{
return(Task.FromResult(true));
}
return(Task.FromResult(false));
//If you persisted this data somewhere then you could either look it up now, or you could
//explicitly implement all IUserStore "Find*" methods, call their base implementation and then lookup
//your persisted value and assign to the TwoFactorEnabled property of the resulting BackOfficeIdentityUser user.
//return Task.FromResult(user.TwoFactorEnabled);
}
//
// Summary:
// Returns true if provider can be used for this user, i.e. could require a user
// to have an email
//
// Parameters:
// manager:
//
// user:
Task <bool> IUserTokenProvider <BackOfficeIdentityUser, int> .IsValidProviderForUserAsync(UserManager <BackOfficeIdentityUser, int> manager, BackOfficeIdentityUser user)
{
var db = new FortressDatabase();
if (!db.GetSettingsFromDatabase().GoogleAuthenticator_Enabled)
{
return(Task.FromResult(false));
}
var details = db.GetUserDetails(user.Id);
if (details == null || !details.IsValidated || details.Provider == "GoogleAuthenticator")
{
return(Task.FromResult(true));
}
return(Task.FromResult(false));
}
/// <summary>
/// Sign in the user in using the user name and password
/// </summary>
/// <param name="userName" />
/// <param name="password" />
/// <param name="isPersistent" />
/// <param name="shouldLockout" />
/// <returns />
public override async Task <SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent,
bool shouldLockout)
{
var db = new FortressDatabase();
var result = await base.PasswordSignInAsync(userName, password, isPersistent, shouldLockout);
if (result == SignInStatus.LockedOut)
{
db.AddNewSignInEvent(userName, SignInStatus.LockedOut, false, Request.RemoteIpAddress);
HttpContext.Current.Items.Add(FortressConstants.LockoutItemKey, true);
return(SignInStatus.RequiresVerification);
}
db.AddNewSignInEvent(userName, result, false, Request.RemoteIpAddress);
return(result);
}
Task IUserTokenProvider <BackOfficeIdentityUser, int> .NotifyAsync(string token, UserManager <BackOfficeIdentityUser, int> manager, BackOfficeIdentityUser user)
{
var db = new FortressDatabase();
var details = db.GetUserDetails(user.Id);
var settings = db.GetSettingsFromDatabase();
if (details == null || !details.IsValidated || details.Provider == "SMS")
{
details.CurrentCode = token;
details.CurrentCodeGenerated = DateTime.UtcNow;
db.Update(details);
}
var SmsProvider = FortressContext.GetCurrentSmsProvider();
SmsProvider.SendSms(details.Configuration, string.Format(settings.SMS_MessageFormat, token));
return(Task.FromResult(true));
}
private static FortressSettings getFresh()
{
var db = new FortressDatabase();
return(db.GetSettingsFromDatabase());
}