public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } // Poniższy kod chroni przed atakami na zasadzie pełnego przeglądu kodu dwuczynnikowego. // Jeśli użytkownik będzie wprowadzać niepoprawny kod przez określoną ilość czasu, konto użytkownika // zostanie zablokowane na określoną ilość czasu. // Możesz skonfigurować ustawienia blokady konta w elemencie IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Nieprawidłowy kod."); return(View(model)); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); return(View(model)); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig try { var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: var user = UserManager.FindByEmail(model.UserEmail); _portalService.SaveToLoginLog(user.Id, user.UserName); //Check users role => startpage if (await UserManager.IsInRoleAsync(user.Id, "ArendeUpp")) { return(RedirectToAction("Index", "FileDrop")); } else if (await UserManager.IsInRoleAsync(user.Id, "RegUpp")) { return(RedirectToAction("Index", "FileUpload")); } else { return(RedirectToLocal(model.ReturnUrl)); } case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Felaktig verifieringskod."); return(View(model)); } } catch (Exception e) { Console.WriteLine(e); ErrorManager.WriteToErrorLog("AccountController", "VerifyCode", e.ToString(), e.HResult, model.UserEmail); var errorModel = new CustomErrorPageModel { Information = "Ett fel inträffade vid kontroll av verifieringskod.", ContactEmail = ConfigurationManager.AppSettings["ContactEmail"], }; return(View("CustomError", errorModel)); } }
public void ProviderProp_WhenValidParametersArePasedToId_ShouldSetCorerectly() { // Arrange var viewModel = new VerifyCodeViewModel(); var testProvider = "provider"; // Act viewModel.Provider = testProvider; // Assert Assert.AreEqual(testProvider, viewModel.Provider); }
public void RememberMeProp_WhenValidParametersArePasedToId_ShouldSetCorerectly() { // Arrange var viewModel = new VerifyCodeViewModel(); var testRememberMe = true; // Act viewModel.RememberMe = testRememberMe; // Assert Assert.AreEqual(testRememberMe, viewModel.RememberMe); }
public void ReturnUrlProp_WhenValidParametersArePasedToId_ShouldSetCorerectly() { // Arrange var viewModel = new VerifyCodeViewModel(); var testReturnUrl = "abv.bg"; // Act viewModel.ReturnUrl = testReturnUrl; // Assert Assert.AreEqual(testReturnUrl, viewModel.ReturnUrl); }
public void CodeProp_WhenValidParametersArePasedToId_ShouldSetCorerectly() { // Arrange var viewModel = new VerifyCodeViewModel(); var testCode = "code"; // Act viewModel.Code = testCode; // Assert Assert.AreEqual(testCode, viewModel.Code); }
public void VerifyCodeViewModel() { VerifyCodeViewModel viewModel = new VerifyCodeViewModel { Code = "MyCode", ReturnUrl = "ReturnUrl", RememberBrowser = true, RememberMe = true, Provider = "Provider" }; viewModel.Should().NotBeNull(); }
public async Task <ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe) { var verifyCodeVM = new VerifyCodeViewModel { Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe }; BlogManager manager = BlogManagerFactory.Create(); var siteLinks = manager.GetSiteLinks(); //verifyCodeVM.SetStaticLinks(siteLinks); // Require that the user has already logged in via username/password or external login if (!await SignInManager.HasBeenVerifiedAsync()) { return(View("Error")); } return(View(verifyCodeVM)); }
public async Task VerifyCodePostInvokesTwoFactorSignInAsyncWithCorrectParameters() { var model = new VerifyCodeViewModel { Provider = "provider", Code = "code", RememberBrowser = true, RememberMe = true }; var signInManager = CreateSignInManagerMock(); signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>())).ReturnsAsync(new Microsoft.AspNetCore.Identity.SignInResult()); var sut = new AdminController(null, signInManager.Object, null, null, null); await sut.VerifyCode(model); signInManager.Verify(x => x.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser)); }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: false, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); return View(model); } }
public void Setters_ShouldSetPropertiesCorrectly() { // Arrange var expectedUrl = this.Fixture.Create <string>(); var expectedProvider = this.Fixture.Create <string>(); var expectedCode = this.Fixture.Create <string>(); var sut = new VerifyCodeViewModel(); // Act sut.ReturnUrl = expectedUrl; sut.RememberMe = true; sut.Provider = expectedProvider; sut.RememberBrowser = true; sut.Code = expectedCode; // Assert Assert.AreSame(expectedUrl, sut.ReturnUrl); Assert.AreSame(expectedProvider, sut.Provider); Assert.AreSame(expectedCode, sut.Code); Assert.AreEqual(true, sut.RememberMe); Assert.AreEqual(true, sut.RememberBrowser); }
public async Task VerifyCodePostRedirectsToReturnUrlWhenTwoFactorSignInAsyncSucceedsAndReturnUrlIsLocalUrl() { var model = new VerifyCodeViewModel { ReturnUrl = "returnUrl" }; var signInManager = CreateSignInManagerMock(); signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>())).ReturnsAsync(Microsoft.AspNetCore.Identity.SignInResult.Success); var urlHelper = new Mock <IUrlHelper>(); urlHelper.Setup(x => x.IsLocalUrl(model.ReturnUrl)).Returns(true); var sut = new AdminController(null, signInManager.Object, null, null, null) { Url = urlHelper.Object }; var result = await sut.VerifyCode(model) as RedirectResult; Assert.Equal(result.Url, model.ReturnUrl); }
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model) { // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { return(RedirectToLocal(model.ReturnUrl)); } if (result.IsLockedOut) { _logger.LogWarning(7, "User account locked out."); return(View("Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid code."); return(View(model)); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { try { if (ModelState.IsValid) { var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Código Inválido."); return(View(model)); } } else { return(View(model)); } } catch (Exception e) { var logVm = new LogViewModel(); logVm.Mensagem = e.Message; logVm.Controller = "Account"; logVm.View = "VerifyCode"; var log = Mapper.Map <LogViewModel, Log>(logVm); _logAppService.SaveOrUpdate(log); return(RedirectToAction("ErroAoCadastrar")); } }
public async Task <ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe, string userEmail = "") { try { var user = UserManager.FindByEmail(userEmail); var phoneNumber = _portalService.HamtaAnvandaresMobilnummer(user.Id); if (phoneNumber == null) { var errorModel = new CustomErrorPageModel(); errorModel.Information = "Telefonnummer saknas."; return(View("CustomError", errorModel)); } else { var model = new VerifyCodeViewModel(); model.PhoneNumberMasked = _portalService.MaskPhoneNumber(phoneNumber); return(View(model)); } } catch (Exception e) { Console.WriteLine(e); ErrorManager.WriteToErrorLog("AccountController", "VerifyCode", e.ToString(), e.HResult, userEmail); var errorModel = new CustomErrorPageModel { Information = "Ett fel inträffade vid inloggningen", ContactEmail = ConfigurationManager.AppSettings["ContactEmail"], }; return(View("CustomError", errorModel)); } return(View(new VerifyCodeViewModel { Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe, UserEmail = userEmail })); }
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } var result = await _signManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { return(RedirectToLocal(model.ReturnUrl)); } if (result.IsLockedOut) { _logger.LogWarning(7, "Tài khoản người dùng bị khóa."); return(View("Lockout")); } else { ModelState.AddModelError(string.Empty, "Mã không hợp lệ."); return(View(model)); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } var loginResult = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); switch (loginResult) { case SignInStatus.Success: return(Redirect(string.IsNullOrEmpty(model.ReturnUrl) ? "/" : model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Kod koji ste uneli nije tačan!"); return(View(model)); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // 下列程式碼保護兩個因素碼不受暴力密碼破解攻擊。 // 如果使用者輸入不正確的代碼來表示一段指定的時間,則使用者帳戶 // 會有一段指定的時間遭到鎖定。 // 您可以在 IdentityConfig 中設定帳戶鎖定設定 var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "代碼無效。"); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!this.ModelState.IsValid) { return this.View(model); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig var result = await this.SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return this.RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return this.View("Lockout"); case SignInStatus.Failure: default: this.ModelState.AddModelError("", "Invalid code."); return this.View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // El código siguiente protege de los ataques por fuerza bruta a los códigos de dos factores. // Si un usuario introduce códigos incorrectos durante un intervalo especificado de tiempo, la cuenta del usuario // se bloqueará durante un período de tiempo especificado. // Puede configurar el bloqueo de la cuenta en IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Código no válido."); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // Приведенный ниже код защищает от атак методом подбора, направленных на двухфакторные коды. // Если пользователь введет неправильные коды за указанное время, его учетная запись // будет заблокирована на заданный период. // Параметры блокирования учетных записей можно настроить в IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Неправильный код."); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // 以下代码可以防范双重身份验证代码遭到暴力破解攻击。 // 如果用户输入错误代码的次数达到指定的次数,则会将 // 该用户帐户锁定指定的时间。 // 可以在 IdentityConfig 中配置帐户锁定设置 var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "代码无效。"); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // 次のコードは、2 要素コードに対するブルート フォース攻撃を防ぎます。 // ユーザーが誤ったコードを入力した回数が指定の回数に達すると、ユーザー アカウントは // 指定の時間が経過するまでロックアウトされます。 // アカウント ロックアウトの設定は IdentityConfig の中で構成できます。 var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "無効なコード。"); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // O código a seguir protege de ataques de força bruta em relação aos códigos de dois fatores. // Se um usuário inserir códigos incorretos para uma quantidade especificada de tempo, então a conta de usuário // será bloqueado por um período especificado de tempo. // Você pode configurar os ajustes de bloqueio da conta em IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Código inválido."); return View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // Le code suivant protège des attaques par force brute contre les codes à 2 facteurs. // Si un utilisateur entre des codes incorrects pendant un certain intervalle, le compte de cet utilisateur // est alors verrouillé pendant une durée spécifiée. // Vous pouvez configurer les paramètres de verrouillage du compte dans IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Code non valide."); return View(model); } }
public async Task <ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } // The following code protects for brute force attacks against the two factor codes. var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent : model.RememberMe, rememberBrowser : model.RememberBrowser); switch (result) { case SignInStatus.Success: return(RedirectToLocal(model.ReturnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); return(View(model)); } }
public async Task VerifyCodePostRedirectsToReturnUrlWhenTwoFactorSignInAsyncSucceedsAndReturnUrlIsLocalUrl() { var model = new VerifyCodeViewModel { ReturnUrl = "returnUrl" }; var signInManager = CreateSignInManagerMock(); signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<bool>(), It.IsAny<bool>())).ReturnsAsync(Microsoft.AspNetCore.Identity.SignInResult.Success); var urlHelper = new Mock<IUrlHelper>(); urlHelper.Setup(x => x.IsLocalUrl(model.ReturnUrl)).Returns(true); var sut = new AdminController(null, signInManager.Object, null, null, null) { Url = urlHelper.Object }; var result = await sut.VerifyCode(model) as RedirectResult; Assert.Equal(result.Url, model.ReturnUrl); }
public async Task VerifyCodePostInvokesTwoFactorSignInAsyncWithCorrectParameters() { var model = new VerifyCodeViewModel { Provider = "provider", Code = "code", RememberBrowser = true, RememberMe = true }; var signInManager = CreateSignInManagerMock(); signInManager.Setup(x => x.TwoFactorSignInAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsAny<bool>(), It.IsAny<bool>())).ReturnsAsync(new Microsoft.AspNetCore.Identity.SignInResult()); var sut = new AdminController(null, signInManager.Object, null, null, null); await sut.VerifyCode(model); signInManager.Verify(x => x.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser)); }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!this.ModelState.IsValid) { return this.View(model); } var result = await this.SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, false, model.RememberBrowser); switch (result) { case SignInStatus.Success: return this.RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return this.View("Lockout"); // ReSharper disable once RedundantCaseLabel case SignInStatus.Failure: default: this.ModelState.AddModelError(string.Empty, Common.InvalidCode); return this.View(model); } }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { try { if (!ModelState.IsValid) { return View(model); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. // You can configure the account lockout settings in IdentityConfig var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Invalid code."); return View(model); } } catch (ValidationException ex) { throw (ex); } catch (Exception ex) { CommonTools.ErrorReporting(ex); return new HttpStatusCodeResult(System.Net.HttpStatusCode.InternalServerError); } }
public async Task<IActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) return View(model); // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { if (Url.IsLocalUrl(model.ReturnUrl)) { return Redirect(model.ReturnUrl); } return RedirectToAction(nameof(HomeController.Index), "Home"); } if (result.IsLockedOut) { return View("Lockout"); } ModelState.AddModelError("", "Invalid code."); return View(model); }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // 다음 코드는 2단계 코드를 통해 무차별 암호 대입 공격(brute force attack)으로부터 보호합니다. // 사용자가 지정된 시간 동안 잘못된 코드를 입력하면 // 지정된 시간 동안 사용자 계정이 잠깁니다. // IdentityConfig에서 계정 잠금 설정을 구성할 수 있습니다. var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "잘못된 코드입니다."); return View(model); } }
public async Task <ActionResult> Login([FromForm] Login login, [FromQuery] string returnUrl) { TryValidateModel(login); // This required for populate fields on form on post-back WorkContext.Form = Form.FromObject(login); if (!ModelState.IsValid) { return(View("customers/login", WorkContext)); } login.UserName = login.UserName?.Trim(); var user = await _signInManager.UserManager.FindByNameAsync(login.UserName); if (user == null) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed()); return(View("customers/login", WorkContext)); } if (!new CanUserLoginToStoreSpecification(user).IsSatisfiedBy(WorkContext.CurrentStore)) { if (login.ForceLoginToAccountStore) { var store = WorkContext.AllStores.First(x => x.Id == user.StoreId); var url = HttpContext.Request.GetEncodedUrl(); var redirectUrl = _urlBuilder.ToStoreAbsolute(url, store, store.DefaultLanguage); return(RedirectPreserveMethod(redirectUrl)); } WorkContext.Form.Errors.Add(SecurityErrorDescriber.UserCannotLoginInStore()); return(View("customers/login", WorkContext)); } if (new IsUserLockedOutSpecification().IsSatisfiedBy(user)) { return(View("lockedout", WorkContext)); } if (new IsUserSuspendedSpecification().IsSatisfiedBy(user)) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.AccountIsBlocked()); return(View("customers/login", WorkContext)); } var loginResult = await _signInManager.PasswordSignInAsync(login.UserName, login.Password, login.RememberMe, lockoutOnFailure : true); if (loginResult.Succeeded) { await _publisher.Publish(new UserLoginEvent(WorkContext, user)); if (new IsUserPasswordExpiredSpecification().IsSatisfiedBy(user)) { //the sign in operation doesn't change the current request user principal, this only happens on incoming requests when the cookie or bearer token is set. //Need to manually set User in the HttpContext to avoid issues such as Antiforegery cookies generated for anonymous within this request despite the user has already signed in. HttpContext.User = await _signInManager.ClaimsFactory.CreateAsync(user); WorkContext.Form = Form.FromObject(new ResetPassword { Token = await _signInManager.UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword"), Email = user.Email, UserName = user.UserName }); return(View("customers/reset_password", WorkContext)); } return(StoreFrontRedirect(returnUrl)); } if (loginResult.RequiresTwoFactor) { var selectedProvider = _options.TwoFactorAuthenticationNotificationGateway; var userManager = _signInManager.UserManager; var code = await userManager.GenerateTwoFactorTokenAsync(user, selectedProvider); if (string.IsNullOrWhiteSpace(code)) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed()); return(View("customers/login", WorkContext)); } NotificationBase twoFactorNotification = null; var veryfyCodeViewModel = new VerifyCodeViewModel { Provider = selectedProvider, ReturnUrl = returnUrl, RememberMe = login.RememberMe, Username = login.UserName }; if (veryfyCodeViewModel.Provider.EqualsInvariant("Phone")) { var phoneNumber = await userManager.GetPhoneNumberAsync(user); if (string.IsNullOrEmpty(phoneNumber)) { // Do not tell we have this user without phone WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed()); return(View("customers/login", WorkContext)); } twoFactorNotification = new TwoFactorSmsNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage) { Token = code, Recipient = phoneNumber, }; } else // "Email" { twoFactorNotification = new TwoFactorEmailNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage) { Token = code, Sender = WorkContext.CurrentStore.Email, Recipient = GetUserEmail(user) }; } var sendingResult = await SendNotificationAsync(twoFactorNotification); if (sendingResult.IsSuccess != true) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.ErrorSendNotification(sendingResult.ErrorMessage)); return(View("customers/login", WorkContext)); } WorkContext.Form = Form.FromObject(veryfyCodeViewModel); return(View("customers/verify_code", WorkContext)); } WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed()); return(View("customers/login", WorkContext)); }
public async Task <ActionResult> Login([FromForm] Login login, string returnUrl) { TryValidateModel(login); // This required for populate fields on form on post-back WorkContext.Form = Form.FromObject(login); if (!ModelState.IsValid) { return(View("customers/login", WorkContext)); } login.UserName = login.UserName?.Trim(); var loginResult = await _signInManager.PasswordSignInAsync(login.UserName, login.Password, login.RememberMe, lockoutOnFailure : true); if (loginResult.Succeeded) { var user = await _signInManager.UserManager.FindByNameAsync(login.UserName); // Check that current user can sing in to current store if (new CanUserLoginToStoreSpecification(user).IsSatisfiedBy(WorkContext.CurrentStore) && new IsUserSuspendedSpecification().IsSatisfiedBy(user) == false) { await _publisher.Publish(new UserLoginEvent(WorkContext, user)); return(StoreFrontRedirect(returnUrl)); } else { WorkContext.Form.Errors.Add(SecurityErrorDescriber.UserCannotLoginInStore()); await _signInManager.SignOutAsync(); loginResult = Microsoft.AspNetCore.Identity.SignInResult.NotAllowed; } } if (loginResult.RequiresTwoFactor) { var user = await _signInManager.UserManager.FindByNameAsync(login.UserName); if (user == null) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed()); return(View("customers/login", WorkContext)); } var selectedProvider = _options.TwoFactorAuthenticationNotificationGateway; var userManager = _signInManager.UserManager; var code = await userManager.GenerateTwoFactorTokenAsync(user, selectedProvider); if (string.IsNullOrWhiteSpace(code)) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed()); return(View("customers/login", WorkContext)); } NotificationBase twoFactorNotification = null; var veryfyCodeViewModel = new VerifyCodeViewModel { Provider = selectedProvider, ReturnUrl = returnUrl, RememberMe = login.RememberMe, Username = login.UserName }; if (veryfyCodeViewModel.Provider.EqualsInvariant("Phone")) { var phoneNumber = await userManager.GetPhoneNumberAsync(user); if (string.IsNullOrEmpty(phoneNumber)) { // Do not tell we have this user without phone WorkContext.Form.Errors.Add(SecurityErrorDescriber.OperationFailed()); return(View("customers/login", WorkContext)); } twoFactorNotification = new TwoFactorSmsNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage) { Token = code, Recipient = phoneNumber, }; } else // "Email" { twoFactorNotification = new TwoFactorEmailNotification(WorkContext.CurrentStore.Id, WorkContext.CurrentLanguage) { Token = code, Sender = WorkContext.CurrentStore.Email, Recipient = GetUserEmail(user) }; } var sendingResult = await SendNotificationAsync(twoFactorNotification); if (sendingResult.IsSuccess != true) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.ErrorSendNotification(sendingResult.ErrorMessage)); return(View("customers/login", WorkContext)); } WorkContext.Form = Form.FromObject(veryfyCodeViewModel); return(View("customers/verify_code", WorkContext)); } if (loginResult.IsLockedOut) { return(View("lockedout", WorkContext)); } if (loginResult is CustomSignInResult signInResult && signInResult.IsRejected) { WorkContext.Form.Errors.Add(SecurityErrorDescriber.AccountIsBlocked()); } WorkContext.Form.Errors.Add(SecurityErrorDescriber.LoginFailed()); return(View("customers/login", WorkContext)); }
public async Task <IActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return(View(model)); } var user = await _signInManager.GetTwoFactorAuthenticationUserAsync(); // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { // check if we are in the context of an authorization request var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName, clientId : context?.Client.ClientId)); // only set explicit expiration here if user chooses "remember me". // otherwise we rely upon expiration configured in cookie middleware. AuthenticationProperties props = null; if (AccountOptions.AllowRememberLogin && model.RememberMe) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } // issue authentication cookie with subject ID and username var isuser = new IdentityServerUser(user.Id.ToString()) { DisplayName = user.UserName, }; await HttpContext.SignInAsync(isuser, props); if (context != null) { if (context.IsNativeClient()) { // The client is native, so this change in how to // return the response is for better UX for the end user. return(this.LoadingPage("Redirect", model.ReturnUrl)); } // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null return(Redirect(model.ReturnUrl)); } // request for a local page if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } else if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } else { // user might have clicked on a malicious link - should be logged throw new Exception("invalid return URL"); } return(RedirectToLocal(model.ReturnUrl)); } if (result.IsLockedOut) { _logger.LogWarning(7, "User account locked out."); return(View("Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid code."); return(View(model)); } }
public async Task<ActionResult> VerifyCode(string provider, string returnUrl, bool rememberMe) { // Require that the user has already logged in via username/password or external login if (!await this.SignInManager.HasBeenVerifiedAsync()) { return this.View("Error"); } var model = new VerifyCodeViewModel { Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe }; return this.View(model); }
public async Task<IActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // The following code protects for brute force attacks against the two factor codes. // If a user enters incorrect codes for a specified amount of time then the user account // will be locked out for a specified amount of time. var result = await _signInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser); if (result.Succeeded) { return RedirectToLocal(model.ReturnUrl); } if (result.IsLockedOut) { _logger.LogWarning(7, "User account locked out."); return View("Lockout"); } else { ModelState.AddModelError(string.Empty, "Invalid code."); return View(model); } }
public async Task<ActionResult> VerifyRegistrationCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } var user = await UserManager.FindByEmailAsync(model.Email); if (user == null) { ModelState.AddModelError("", ApplicationMessages.UserNotFoundForGivenEmail); return View(model); } if (user.PhoneNumberConfirmed) { ModelState.AddModelError("", ApplicationMessages.UserAlreadyConfirmed); return View(model); } var result = await UserManager.ConfirmPhoneNumberAsync(user.Id, model.Code); if (result.Succeeded) { await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false); await UserManager.SendSmsAsync(user.Id, ApplicationMessages.SignupComplete); return RedirectToAction("Status"); } else { AddErrors(result); return View(model); } }
public Task <ActionResult> VerifyCodeTest01([PexAssumeUnderTest] AccountController target, VerifyCodeViewModel model) { Task <ActionResult> result = target.VerifyCode(model); return(result); // TODO: aggiungere asserzioni a metodo AccountControllerTest.VerifyCodeTest01(AccountController, VerifyCodeViewModel) }
public async Task<ActionResult> VerifyCode(VerifyCodeViewModel model) { if (!ModelState.IsValid) { return View(model); } // Der folgende Code schützt vor Brute-Force-Angriffen der zweistufigen Codes. // Wenn ein Benutzer in einem angegebenen Zeitraum falsche Codes eingibt, wird das Benutzerkonto // für einen bestimmten Zeitraum gesperrt. // Sie können die Einstellungen für Kontosperren in "IdentityConfig" konfigurieren. var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: model.RememberMe, rememberBrowser: model.RememberBrowser); switch (result) { case SignInStatus.Success: return RedirectToLocal(model.ReturnUrl); case SignInStatus.LockedOut: return View("Lockout"); case SignInStatus.Failure: default: ModelState.AddModelError("", "Ungültiger Code."); return View(model); } }