Example #1
0
        public async Task <WebStatus> AuthenticateCodeAsync(AuthenticateInputModel model)
        {
            _logger.LogDebug("Begin one time code authentication for {0}", model.Username);

            var genericErrorMessage = _localizer["The username or one time code wasn't right."];
            var userResponse        = await _userStore.GetUserByUsernameAsync(model.Username);

            if (userResponse.HasError)
            {
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.AccountNotFound, nameof(AuthenticateCodeAsync));

                _logger.LogDebug("User not found: {0}", model.Username);
                return(Unauthenticated(genericErrorMessage));
            }

            var user = userResponse.Result;

            model.OneTimeCode = model.OneTimeCode.Replace(" ", "");
            var response = await _oneTimeCodeService.CheckOneTimeCodeAsync(user.Email, model.OneTimeCode, _httpContext.Request.GetClientNonce());

            switch (response.Status.StatusCode)
            {
            case CheckOneTimeCodeStatusCode.VerifiedWithNonce:
            case CheckOneTimeCodeStatusCode.VerifiedWithoutNonce:
                var nonceWasValid = response.Status.StatusCode == CheckOneTimeCodeStatusCode.VerifiedWithNonce;
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInSuccess, SignInType.OneTimeCode.ToString());

                return(await SignInAndRedirectAsync(SignInMethod.OneTimeCode, model.Username, model.StaySignedIn, response.Result.RedirectUrl, nonceWasValid));

            case CheckOneTimeCodeStatusCode.Expired:
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());

                return(Unauthenticated(_localizer["Your one time code has expired. Please request a new one."]));

            case CheckOneTimeCodeStatusCode.CodeIncorrect:
            case CheckOneTimeCodeStatusCode.NotFound:
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());

                return(Unauthenticated(genericErrorMessage));

            case CheckOneTimeCodeStatusCode.ShortCodeLocked:
                return(Unauthenticated(_localizer["The one time code is locked. Please request a new one after a few minutes."]));

            case CheckOneTimeCodeStatusCode.ServiceFailure:
            default:
                return(ServerError(_localizer["Something went wrong."]));
            }
        }
Example #2
0
        public async Task <WebStatus> AuthenticateAsync(AuthenticatePasswordInputModel model)
        {
            _logger.LogDebug("Begin authentication for {0}", model.Username);

            var oneTimeCode = model.Password.Replace(" ", "");

            if (oneTimeCode.Length == PasswordlessLoginConstants.OneTimeCode.ShortCodeLength && oneTimeCode.All(Char.IsDigit))
            {
                _logger.LogDebug("Password was a one time code.");
                var input = new AuthenticateInputModel()
                {
                    Username     = model.Username,
                    OneTimeCode  = oneTimeCode,
                    StaySignedIn = model.StaySignedIn
                };
                return(await AuthenticateCodeAsync(input));
            }
            else
            {
                _logger.LogDebug("Password was not a six-digit number");
                return(await AuthenticatePasswordAsync(model));
            }
        }