public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// Poniższy kod chroni przed atakami na zasadzie pełnego przeglądu kodu dwuczynnikowego.
// Jeśli użytkownik będzie wprowadzać niepoprawny kod przez określoną ilość czasu, konto użytkownika
// zostanie zablokowane na określoną ilość czasu.
// Możesz skonfigurować ustawienia blokady konta w elemencie IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Nieprawidłowy kod.");
return(View(model));
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
// You can configure the account lockout settings in IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
return(View(model));
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
// You can configure the account lockout settings in IdentityConfig
try {
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
var user = UserManager.FindByEmail(model.UserEmail);
_portalService.SaveToLoginLog(user.Id, user.UserName);
//Check users role => startpage
if (await UserManager.IsInRoleAsync(user.Id, "ArendeUpp"))
{
return(RedirectToAction("Index", "FileDrop"));
}
else if (await UserManager.IsInRoleAsync(user.Id, "RegUpp"))
{
return(RedirectToAction("Index", "FileUpload"));
}
else
{
return(RedirectToLocal(model.ReturnUrl));
}
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Felaktig verifieringskod.");
return(View(model));
}
}
catch (Exception e)
{
Console.WriteLine(e);
ErrorManager.WriteToErrorLog("AccountController", "VerifyCode", e.ToString(), e.HResult, model.UserEmail);
var errorModel = new CustomErrorPageModel
{
Information = "Ett fel inträffade vid kontroll av verifieringskod.",
ContactEmail = ConfigurationManager.AppSettings["ContactEmail"],
};
return(View("CustomError", errorModel));
}
}
public void ProviderProp_WhenValidParametersArePasedToId_ShouldSetCorerectly()
{
// Arrange
var viewModel = new VerifyCodeViewModel();
var testProvider = "provider";
// Act
viewModel.Provider = testProvider;
// Assert
Assert.AreEqual(testProvider, viewModel.Provider);
}
public void RememberMeProp_WhenValidParametersArePasedToId_ShouldSetCorerectly()
{
// Arrange
var viewModel = new VerifyCodeViewModel();
var testRememberMe = true;
// Act
viewModel.RememberMe = testRememberMe;
// Assert
Assert.AreEqual(testRememberMe, viewModel.RememberMe);
}
public void ReturnUrlProp_WhenValidParametersArePasedToId_ShouldSetCorerectly()
{
// Arrange
var viewModel = new VerifyCodeViewModel();
var testReturnUrl = "abv.bg";
// Act
viewModel.ReturnUrl = testReturnUrl;
// Assert
Assert.AreEqual(testReturnUrl, viewModel.ReturnUrl);
}
public void CodeProp_WhenValidParametersArePasedToId_ShouldSetCorerectly()
{
// Arrange
var viewModel = new VerifyCodeViewModel();
var testCode = "code";
// Act
viewModel.Code = testCode;
// Assert
Assert.AreEqual(testCode, viewModel.Code);
}
public void VerifyCodeViewModel()
{
VerifyCodeViewModel viewModel = new VerifyCodeViewModel
{
Code = "MyCode",
ReturnUrl = "ReturnUrl",
RememberBrowser = true,
RememberMe = true,
Provider = "Provider"
};
viewModel.Should().NotBeNull();
}
public async Task <ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe)
{
var verifyCodeVM = new VerifyCodeViewModel {
Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe
};
BlogManager manager = BlogManagerFactory.Create();
var siteLinks = manager.GetSiteLinks();
//verifyCodeVM.SetStaticLinks(siteLinks);
// Require that the user has already logged in via username/password or external login
if (!await SignInManager.HasBeenVerifiedAsync())
{
return(View("Error"));
}
return(View(verifyCodeVM));
}
public async Task VerifyCodePostInvokesTwoFactorSignInAsyncWithCorrectParameters()
{
var model = new VerifyCodeViewModel
{
Provider = "provider",
Code = "code",
RememberBrowser = true,
RememberMe = true
};
var signInManager = CreateSignInManagerMock();
signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>())).ReturnsAsync(new Microsoft.AspNetCore.Identity.SignInResult());
var sut = new AdminController(null, signInManager.Object, null, null, null);
await sut.VerifyCode(model);
signInManager.Verify(x => x.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser));
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: false, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
return View(model);
}
}
public void Setters_ShouldSetPropertiesCorrectly()
{
// Arrange
var expectedUrl = this.Fixture.Create <string>();
var expectedProvider = this.Fixture.Create <string>();
var expectedCode = this.Fixture.Create <string>();
var sut = new VerifyCodeViewModel();
// Act
sut.ReturnUrl = expectedUrl;
sut.RememberMe = true;
sut.Provider = expectedProvider;
sut.RememberBrowser = true;
sut.Code = expectedCode;
// Assert
Assert.AreSame(expectedUrl, sut.ReturnUrl);
Assert.AreSame(expectedProvider, sut.Provider);
Assert.AreSame(expectedCode, sut.Code);
Assert.AreEqual(true, sut.RememberMe);
Assert.AreEqual(true, sut.RememberBrowser);
}
public async Task VerifyCodePostRedirectsToReturnUrlWhenTwoFactorSignInAsyncSucceedsAndReturnUrlIsLocalUrl()
{
var model = new VerifyCodeViewModel {
ReturnUrl = "returnUrl"
};
var signInManager = CreateSignInManagerMock();
signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>())).ReturnsAsync(Microsoft.AspNetCore.Identity.SignInResult.Success);
var urlHelper = new Mock <IUrlHelper>();
urlHelper.Setup(x => x.IsLocalUrl(model.ReturnUrl)).Returns(true);
var sut = new AdminController(null, signInManager.Object, null, null, null)
{
Url = urlHelper.Object
};
var result = await sut.VerifyCode(model) as RedirectResult;
Assert.Equal(result.Url, model.ReturnUrl);
}
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model)
{
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
if (result.Succeeded)
{
return(RedirectToLocal(model.ReturnUrl));
}
if (result.IsLockedOut)
{
_logger.LogWarning(7, "User account locked out.");
return(View("Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid code.");
return(View(model));
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
try
{
if (ModelState.IsValid)
{
var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Código Inválido.");
return(View(model));
}
}
else
{
return(View(model));
}
}
catch (Exception e)
{
var logVm = new LogViewModel();
logVm.Mensagem = e.Message;
logVm.Controller = "Account";
logVm.View = "VerifyCode";
var log = Mapper.Map <LogViewModel, Log>(logVm);
_logAppService.SaveOrUpdate(log);
return(RedirectToAction("ErroAoCadastrar"));
}
}
public async Task <ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe, string userEmail = "")
{
try
{
var user = UserManager.FindByEmail(userEmail);
var phoneNumber = _portalService.HamtaAnvandaresMobilnummer(user.Id);
if (phoneNumber == null)
{
var errorModel = new CustomErrorPageModel();
errorModel.Information = "Telefonnummer saknas.";
return(View("CustomError", errorModel));
}
else
{
var model = new VerifyCodeViewModel();
model.PhoneNumberMasked = _portalService.MaskPhoneNumber(phoneNumber);
return(View(model));
}
}
catch (Exception e)
{
Console.WriteLine(e);
ErrorManager.WriteToErrorLog("AccountController", "VerifyCode", e.ToString(), e.HResult, userEmail);
var errorModel = new CustomErrorPageModel
{
Information = "Ett fel inträffade vid inloggningen",
ContactEmail = ConfigurationManager.AppSettings["ContactEmail"],
};
return(View("CustomError", errorModel));
}
return(View(new VerifyCodeViewModel {
Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe, UserEmail = userEmail
}));
}
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var result = await _signManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
if (result.Succeeded)
{
return(RedirectToLocal(model.ReturnUrl));
}
if (result.IsLockedOut)
{
_logger.LogWarning(7, "Tài khoản người dùng bị khóa.");
return(View("Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Mã không hợp lệ.");
return(View(model));
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var loginResult = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code,
model.RememberMe, model.RememberBrowser);
switch (loginResult)
{
case SignInStatus.Success:
return(Redirect(string.IsNullOrEmpty(model.ReturnUrl) ? "/" : model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Kod koji ste uneli nije tačan!");
return(View(model));
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 下列程式碼保護兩個因素碼不受暴力密碼破解攻擊。
// 如果使用者輸入不正確的代碼來表示一段指定的時間,則使用者帳戶
// 會有一段指定的時間遭到鎖定。
// 您可以在 IdentityConfig 中設定帳戶鎖定設定
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "代碼無效。");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!this.ModelState.IsValid)
{
return this.View(model);
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
// You can configure the account lockout settings in IdentityConfig
var result = await this.SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return this.RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return this.View("Lockout");
case SignInStatus.Failure:
default:
this.ModelState.AddModelError("", "Invalid code.");
return this.View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// El código siguiente protege de los ataques por fuerza bruta a los códigos de dos factores.
// Si un usuario introduce códigos incorrectos durante un intervalo especificado de tiempo, la cuenta del usuario
// se bloqueará durante un período de tiempo especificado.
// Puede configurar el bloqueo de la cuenta en IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Código no válido.");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Приведенный ниже код защищает от атак методом подбора, направленных на двухфакторные коды.
// Если пользователь введет неправильные коды за указанное время, его учетная запись
// будет заблокирована на заданный период.
// Параметры блокирования учетных записей можно настроить в IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Неправильный код.");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 以下代码可以防范双重身份验证代码遭到暴力破解攻击。
// 如果用户输入错误代码的次数达到指定的次数,则会将
// 该用户帐户锁定指定的时间。
// 可以在 IdentityConfig 中配置帐户锁定设置
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "代码无效。");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 次のコードは、2 要素コードに対するブルート フォース攻撃を防ぎます。
// ユーザーが誤ったコードを入力した回数が指定の回数に達すると、ユーザー アカウントは
// 指定の時間が経過するまでロックアウトされます。
// アカウント ロックアウトの設定は IdentityConfig の中で構成できます。
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "無効なコード。");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// O código a seguir protege de ataques de força bruta em relação aos códigos de dois fatores.
// Se um usuário inserir códigos incorretos para uma quantidade especificada de tempo, então a conta de usuário
// será bloqueado por um período especificado de tempo.
// Você pode configurar os ajustes de bloqueio da conta em IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Código inválido.");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Le code suivant protège des attaques par force brute contre les codes à 2 facteurs.
// Si un utilisateur entre des codes incorrects pendant un certain intervalle, le compte de cet utilisateur
// est alors verrouillé pendant une durée spécifiée.
// Vous pouvez configurer les paramètres de verrouillage du compte dans IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Code non valide.");
return View(model);
}
}
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// The following code protects for brute force attacks against the two factor codes.
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(model.ReturnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
return(View(model));
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Приведенный ниже код защищает от атак методом подбора, направленных на двухфакторные коды.
// Если пользователь введет неправильные коды за указанное время, его учетная запись
// будет заблокирована на заданный период.
// Параметры блокирования учетных записей можно настроить в IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Неправильный код.");
return View(model);
}
}
public async Task VerifyCodePostRedirectsToReturnUrlWhenTwoFactorSignInAsyncSucceedsAndReturnUrlIsLocalUrl()
{
var model = new VerifyCodeViewModel { ReturnUrl = "returnUrl" };
var signInManager = CreateSignInManagerMock();
signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<bool>(), It.IsAny<bool>())).ReturnsAsync(Microsoft.AspNetCore.Identity.SignInResult.Success);
var urlHelper = new Mock<IUrlHelper>();
urlHelper.Setup(x => x.IsLocalUrl(model.ReturnUrl)).Returns(true);
var sut = new AdminController(null, signInManager.Object, null, null, null) { Url = urlHelper.Object };
var result = await sut.VerifyCode(model) as RedirectResult;
Assert.Equal(result.Url, model.ReturnUrl);
}
public async Task VerifyCodePostInvokesTwoFactorSignInAsyncWithCorrectParameters()
{
var model = new VerifyCodeViewModel
{
Provider = "provider",
Code = "code",
RememberBrowser = true,
RememberMe = true
};
var signInManager = CreateSignInManagerMock();
signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<bool>(), It.IsAny<bool>())).ReturnsAsync(new Microsoft.AspNetCore.Identity.SignInResult());
var sut = new AdminController(null, signInManager.Object, null, null, null);
await sut.VerifyCode(model);
signInManager.Verify(x => x.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser));
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// El código siguiente protege de los ataques por fuerza bruta a los códigos de dos factores.
// Si un usuario introduce códigos incorrectos durante un intervalo especificado de tiempo, la cuenta del usuario
// se bloqueará durante un período de tiempo especificado.
// Puede configurar el bloqueo de la cuenta en IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Código no válido.");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!this.ModelState.IsValid)
{
return this.View(model);
}
var result = await this.SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, false, model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return this.RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return this.View("Lockout");
// ReSharper disable once RedundantCaseLabel
case SignInStatus.Failure:
default:
this.ModelState.AddModelError(string.Empty, Common.InvalidCode);
return this.View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
try
{
if (!ModelState.IsValid)
{
return View(model);
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
// You can configure the account lockout settings in IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
return View(model);
}
}
catch (ValidationException ex)
{
throw (ex);
}
catch (Exception ex)
{
CommonTools.ErrorReporting(ex);
return new HttpStatusCodeResult(System.Net.HttpStatusCode.InternalServerError);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: false, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid code.");
return View(model);
}
}
public async Task<IActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
return View(model);
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
if (result.Succeeded)
{
if (Url.IsLocalUrl(model.ReturnUrl))
{
return Redirect(model.ReturnUrl);
}
return RedirectToAction(nameof(HomeController.Index), "Home");
}
if (result.IsLockedOut)
{
return View("Lockout");
}
ModelState.AddModelError("", "Invalid code.");
return View(model);
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 다음 코드는 2단계 코드를 통해 무차별 암호 대입 공격(brute force attack)으로부터 보호합니다.
// 사용자가 지정된 시간 동안 잘못된 코드를 입력하면
// 지정된 시간 동안 사용자 계정이 잠깁니다.
// IdentityConfig에서 계정 잠금 설정을 구성할 수 있습니다.
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "잘못된 코드입니다.");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 以下代码可以防范双重身份验证代码遭到暴力破解攻击。
// 如果用户输入错误代码的次数达到指定的次数,则会将
// 该用户帐户锁定指定的时间。
// 可以在 IdentityConfig 中配置帐户锁定设置
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "代码无效。");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 次のコードは、2 要素コードに対するブルート フォース攻撃を防ぎます。
// ユーザーが誤ったコードを入力した回数が指定の回数に達すると、ユーザー アカウントは
// 指定の時間が経過するまでロックアウトされます。
// アカウント ロックアウトの設定は IdentityConfig の中で構成できます。
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "無効なコード。");
return View(model);
}
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// 下列程式碼保護兩個因素碼不受暴力密碼破解攻擊。
// 如果使用者輸入不正確的代碼來表示一段指定的時間,則使用者帳戶
// 會有一段指定的時間遭到鎖定。
// 您可以在 IdentityConfig 中設定帳戶鎖定設定
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "代碼無效。");
return View(model);
}
}
public async Task <ActionResult> Login([FromForm] Login login, [FromQuery] string returnUrl)
{
TryValidateModel(login);
// This required for populate fields on form on post-back
WorkContext.Form = Form.FromObject(login);
if (!ModelState.IsValid)
{
return(View("customers/login", WorkContext));
}
login.UserName = login.UserName?.Trim();
var user = await _signInManager.UserManager.FindByNameAsync(login.UserName);
if (user == null)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed());
return(View("customers/login", WorkContext));
}
if (!new CanUserLoginToStoreSpecification(user).IsSatisfiedBy(WorkContext.CurrentStore))
{
if (login.ForceLoginToAccountStore)
{
var store = WorkContext.AllStores.First(x => x.Id == user.StoreId);
var url = HttpContext.Request.GetEncodedUrl();
var redirectUrl = _urlBuilder.ToStoreAbsolute(url, store, store.DefaultLanguage);
return(RedirectPreserveMethod(redirectUrl));
}
WorkContext.Form.Errors.Add(SecurityErrorDescriber.UserCannotLoginInStore());
return(View("customers/login", WorkContext));
}
if (new IsUserLockedOutSpecification().IsSatisfiedBy(user))
{
return(View("lockedout", WorkContext));
}
if (new IsUserSuspendedSpecification().IsSatisfiedBy(user))
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.AccountIsBlocked());
return(View("customers/login", WorkContext));
}
var loginResult = await _signInManager.PasswordSignInAsync(login.UserName, login.Password, login.RememberMe, lockoutOnFailure : true);
if (loginResult.Succeeded)
{
await _publisher.Publish(new UserLoginEvent(WorkContext, user));
if (new IsUserPasswordExpiredSpecification().IsSatisfiedBy(user))
{
//the sign in operation doesn't change the current request user principal, this only happens on incoming requests when the cookie or bearer token is set.
//Need to manually set User in the HttpContext to avoid issues such as Antiforegery cookies generated for anonymous within this request despite the user has already signed in.
HttpContext.User = await _signInManager.ClaimsFactory.CreateAsync(user);
WorkContext.Form = Form.FromObject(new ResetPassword
{
Token = await _signInManager.UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword"),
Email = user.Email,
UserName = user.UserName
});
return(View("customers/reset_password", WorkContext));
}
return(StoreFrontRedirect(returnUrl));
}
if (loginResult.RequiresTwoFactor)
{
var selectedProvider = _options.TwoFactorAuthenticationNotificationGateway;
var userManager = _signInManager.UserManager;
var code = await userManager.GenerateTwoFactorTokenAsync(user, selectedProvider);
if (string.IsNullOrWhiteSpace(code))
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/login", WorkContext));
}
NotificationBase twoFactorNotification = null;
var veryfyCodeViewModel = new VerifyCodeViewModel {
Provider = selectedProvider, ReturnUrl = returnUrl, RememberMe = login.RememberMe, Username = login.UserName
};
if (veryfyCodeViewModel.Provider.EqualsInvariant("Phone"))
{
var phoneNumber = await userManager.GetPhoneNumberAsync(user);
if (string.IsNullOrEmpty(phoneNumber))
{
// Do not tell we have this user without phone
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/login", WorkContext));
}
twoFactorNotification = new TwoFactorSmsNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage)
{
Token = code, Recipient = phoneNumber,
};
}
else // "Email"
{
twoFactorNotification = new TwoFactorEmailNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage)
{
Token = code,
Sender = WorkContext.CurrentStore.Email,
Recipient = GetUserEmail(user)
};
}
var sendingResult = await SendNotificationAsync(twoFactorNotification);
if (sendingResult.IsSuccess != true)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.ErrorSendNotification(sendingResult.ErrorMessage));
return(View("customers/login", WorkContext));
}
WorkContext.Form = Form.FromObject(veryfyCodeViewModel);
return(View("customers/verify_code", WorkContext));
}
WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed());
return(View("customers/login", WorkContext));
}
public async Task <ActionResult> Login([FromForm] Login login, string returnUrl)
{
TryValidateModel(login);
// This required for populate fields on form on post-back
WorkContext.Form = Form.FromObject(login);
if (!ModelState.IsValid)
{
return(View("customers/login", WorkContext));
}
login.UserName = login.UserName?.Trim();
var loginResult = await _signInManager.PasswordSignInAsync(login.UserName, login.Password, login.RememberMe, lockoutOnFailure : true);
if (loginResult.Succeeded)
{
var user = await _signInManager.UserManager.FindByNameAsync(login.UserName);
// Check that current user can sing in to current store
if (new CanUserLoginToStoreSpecification(user).IsSatisfiedBy(WorkContext.CurrentStore) && new IsUserSuspendedSpecification().IsSatisfiedBy(user) == false)
{
await _publisher.Publish(new UserLoginEvent(WorkContext, user));
return(StoreFrontRedirect(returnUrl));
}
else
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.UserCannotLoginInStore());
await _signInManager.SignOutAsync();
loginResult = Microsoft.AspNetCore.Identity.SignInResult.NotAllowed;
}
}
if (loginResult.RequiresTwoFactor)
{
var user = await _signInManager.UserManager.FindByNameAsync(login.UserName);
if (user == null)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/login", WorkContext));
}
var selectedProvider = _options.TwoFactorAuthenticationNotificationGateway;
var userManager = _signInManager.UserManager;
var code = await userManager.GenerateTwoFactorTokenAsync(user, selectedProvider);
if (string.IsNullOrWhiteSpace(code))
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/login", WorkContext));
}
NotificationBase twoFactorNotification = null;
var veryfyCodeViewModel = new VerifyCodeViewModel {
Provider = selectedProvider, ReturnUrl = returnUrl, RememberMe = login.RememberMe, Username = login.UserName
};
if (veryfyCodeViewModel.Provider.EqualsInvariant("Phone"))
{
var phoneNumber = await userManager.GetPhoneNumberAsync(user);
if (string.IsNullOrEmpty(phoneNumber))
{
// Do not tell we have this user without phone
WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed());
return(View("customers/login", WorkContext));
}
twoFactorNotification = new TwoFactorSmsNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage)
{
Token = code,
Recipient = phoneNumber,
};
}
else // "Email"
{
twoFactorNotification = new TwoFactorEmailNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage)
{
Token = code,
Sender = WorkContext.CurrentStore.Email,
Recipient = GetUserEmail(user)
};
}
var sendingResult = await SendNotificationAsync(twoFactorNotification);
if (sendingResult.IsSuccess != true)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.ErrorSendNotification(sendingResult.ErrorMessage));
return(View("customers/login", WorkContext));
}
WorkContext.Form = Form.FromObject(veryfyCodeViewModel);
return(View("customers/verify_code", WorkContext));
}
if (loginResult.IsLockedOut)
{
return(View("lockedout", WorkContext));
}
if (loginResult is CustomSignInResult signInResult && signInResult.IsRejected)
{
WorkContext.Form.Errors.Add(SecurityErrorDescriber.AccountIsBlocked());
}
WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed());
return(View("customers/login", WorkContext));
}
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
if (result.Succeeded)
{
// check if we are in the context of an authorization request
var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName, clientId : context?.Client.ClientId));
// only set explicit expiration here if user chooses "remember me".
// otherwise we rely upon expiration configured in cookie middleware.
AuthenticationProperties props = null;
if (AccountOptions.AllowRememberLogin && model.RememberMe)
{
props = new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
};
}
// issue authentication cookie with subject ID and username
var isuser = new IdentityServerUser(user.Id.ToString())
{
DisplayName = user.UserName,
};
await HttpContext.SignInAsync(isuser, props);
if (context != null)
{
if (context.IsNativeClient())
{
// The client is native, so this change in how to
// return the response is for better UX for the end user.
return(this.LoadingPage("Redirect", model.ReturnUrl));
}
// we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
return(Redirect(model.ReturnUrl));
}
// request for a local page
if (Url.IsLocalUrl(model.ReturnUrl))
{
return(Redirect(model.ReturnUrl));
}
else if (string.IsNullOrEmpty(model.ReturnUrl))
{
return(Redirect("~/"));
}
else
{
// user might have clicked on a malicious link - should be logged
throw new Exception("invalid return URL");
}
return(RedirectToLocal(model.ReturnUrl));
}
if (result.IsLockedOut)
{
_logger.LogWarning(7, "User account locked out.");
return(View("Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid code.");
return(View(model));
}
}
public async Task<ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe)
{
// Require that the user has already logged in via username/password or external login
if (!await this.SignInManager.HasBeenVerifiedAsync())
{
return this.View("Error");
}
var model = new VerifyCodeViewModel
{
Provider = provider,
ReturnUrl = returnUrl,
RememberMe = rememberMe
};
return this.View(model);
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Le code suivant protège des attaques par force brute contre les codes à 2 facteurs.
// Si un utilisateur entre des codes incorrects pendant un certain intervalle, le compte de cet utilisateur
// est alors verrouillé pendant une durée spécifiée.
// Vous pouvez configurer les paramètres de verrouillage du compte dans IdentityConfig
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Code non valide.");
return View(model);
}
}
public async Task<IActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// The following code protects for brute force attacks against the two factor codes.
// If a user enters incorrect codes for a specified amount of time then the user account
// will be locked out for a specified amount of time.
var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
if (result.Succeeded)
{
return RedirectToLocal(model.ReturnUrl);
}
if (result.IsLockedOut)
{
_logger.LogWarning(7, "User account locked out.");
return View("Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid code.");
return View(model);
}
}
public async Task<ActionResult> VerifyRegistrationCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
var user = await UserManager.FindByEmailAsync(model.Email);
if (user == null)
{
ModelState.AddModelError("", ApplicationMessages.UserNotFoundForGivenEmail);
return View(model);
}
if (user.PhoneNumberConfirmed)
{
ModelState.AddModelError("", ApplicationMessages.UserAlreadyConfirmed);
return View(model);
}
var result = await UserManager.ConfirmPhoneNumberAsync(user.Id, model.Code);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
await UserManager.SendSmsAsync(user.Id, ApplicationMessages.SignupComplete);
return RedirectToAction("Status");
}
else
{
AddErrors(result);
return View(model);
}
}
public Task <ActionResult> VerifyCodeTest01([PexAssumeUnderTest] AccountController target, VerifyCodeViewModel model)
{
Task <ActionResult> result = target.VerifyCode(model);
return(result);
// TODO: aggiungere asserzioni a metodo AccountControllerTest.VerifyCodeTest01(AccountController, VerifyCodeViewModel)
}
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
// Der folgende Code schützt vor Brute-Force-Angriffen der zweistufigen Codes.
// Wenn ein Benutzer in einem angegebenen Zeitraum falsche Codes eingibt, wird das Benutzerkonto
// für einen bestimmten Zeitraum gesperrt.
// Sie können die Einstellungen für Kontosperren in "IdentityConfig" konfigurieren.
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(model.ReturnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Ungültiger Code.");
return View(model);
}
}