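/// <summary>
/// Shows the confirmation page for a pending API key creation request,
/// looked up by the secret code supplied by the caller.
/// </summary>
/// <param name="code">
/// Secret of the API key creation request. A null value redirects to the home page
/// without a flash message.
/// </param>
/// <returns>
/// The confirmation view when the request exists, is not completed, has not expired and
/// its owning user can be loaded; otherwise a redirect to <c>HomeController.Index</c>
/// with the same generic flash error for every failure reason.
/// </returns>
public async Task<IActionResult> ConfirmApiKeyCreation(string code)
{
    if (code == null)
    {
        return RedirectToAction(nameof(HomeController.Index), "Home");
    }

    // SingleOrDefault throws if more than one stored request carries the same secret.
    var apiKeyReq = _context.ApiKeyCreationRequests.SingleOrDefault(r => r.Secret == code);

    if (apiKeyReq != null && !apiKeyReq.Completed && !ApiKeyCreationRequestExpired(apiKeyReq))
    {
        // NOTE(review): nothing in this block ties the caller to apiKeyReq.ApplicationUserId;
        // possession of the code is the only check visible here. Confirm that an
        // authorization attribute / ownership check outside this block covers it.
        var user = await _userManager.FindByIdAsync(apiKeyReq.ApplicationUserId);

        // FindByIdAsync returns null when the owning account no longer exists. Fall through
        // to the generic error instead of dereferencing null, so the response does not
        // distinguish "unknown code" from "orphaned request".
        if (user != null)
        {
            var model = new ConfirmApiKeyCreationViewModel
            {
                Code = code,
                DeviceName = apiKeyReq.RequestedDeviceName,
                TwoFactorRequired = user.TwoFactorEnabled
            };

            return View(model);
        }
    }

    this.FlashError("Invalid API KEY code");
    return RedirectToAction(nameof(HomeController.Index), "Home");
}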
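/// <summary>
/// Completes a pending API key creation request after checking the posted secret code and,
/// when the owning user has two-factor authentication enabled, the authenticator code.
/// </summary>
/// <param name="model">
/// Posted confirmation form. <c>Code</c> selects the request and <c>TwoFactorCode</c> is the
/// authenticator code (spaces and dashes are stripped before verification).
/// <c>DeviceName</c> and <c>TwoFactorRequired</c> are overwritten from server-side state.
/// </param>
/// <returns>
/// A redirect to <c>HomeController.Index</c> on success or on an invalid, completed or expired
/// request (with a flash message), or the confirmation view again when the authenticator
/// code is rejected.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes state. The HTTP verb, anti-forgery and authorization
/// attributes are not visible in this block; confirm they are applied on the declaration.
/// </remarks>
public async Task<IActionResult> ConfirmApiKeyCreation(ConfirmApiKeyCreationViewModel model)
{
    if (model.Code == null)
    {
        return RedirectToAction(nameof(HomeController.Index), "Home");
    }

    // SingleOrDefault throws if more than one stored request carries the same secret.
    var apiKeyReq = _context.ApiKeyCreationRequests.SingleOrDefault(r => r.Secret == model.Code);
    var isPending = apiKeyReq != null && !apiKeyReq.Completed && !ApiKeyCreationRequestExpired(apiKeyReq);

    // NOTE(review): nothing in this block ties the caller to apiKeyReq.ApplicationUserId;
    // for accounts without 2FA, possession of the code is the only check visible here.
    var user = isPending ? await _userManager.FindByIdAsync(apiKeyReq.ApplicationUserId) : null;

    // One generic error for unknown, completed, expired and orphaned requests. The null
    // check also prevents a NullReferenceException when the owning account was deleted.
    if (user == null)
    {
        this.FlashError("Invalid API KEY code");
        return RedirectToAction(nameof(HomeController.Index), "Home");
    }

    // Take display fields from the stored request rather than the posted form, so the page
    // and the flash message describe the request actually being confirmed.
    model.DeviceName = apiKeyReq.RequestedDeviceName;
    model.TwoFactorRequired = user.TwoFactorEnabled;

    if (user.TwoFactorEnabled)
    {
        if (model.TwoFactorCode == null)
        {
            model.TwoFactorCode = "";
        }

        var authenticatorCode = model.TwoFactorCode
            .Replace(" ", string.Empty)
            .Replace("-", string.Empty);

        var codeIsValid = await _userManager.VerifyTwoFactorTokenAsync(
            user,
            _userManager.Options.Tokens.AuthenticatorTokenProvider,
            authenticatorCode);

        if (!codeIsValid)
        {
            // NOTE(review): as far as this block shows, failed attempts are neither counted
            // nor throttled. Consider recording them against the account's lockout counter
            // or rate-limiting this endpoint so the authenticator code cannot be guessed.
            _logger.LogWarning(
                "Invalid authenticator code while confirming an apikey request for user {UserId}.",
                apiKeyReq.ApplicationUserId);
            this.FlashError("Invalid authenticator code");
            return View(model);
        }
    }

    apiKeyReq.Completed = true;
    _context.ApiKeyCreationRequests.Update(apiKeyReq);
    _context.SaveChanges();

    // Logged only after the save succeeded, and with the owning user id, so the audit
    // trail records who confirmed a key and never a confirmation that was not persisted.
    _logger.LogInformation(
        "User {UserId} confirmed a new apikey with api.",
        apiKeyReq.ApplicationUserId);

    // NOTE(review): the device name presumably originates from the requesting client;
    // confirm the flash message renderer HTML-encodes it.
    this.FlashSuccess($"API KEY ({apiKeyReq.RequestedDeviceName}) confirmed");
    return RedirectToAction(nameof(HomeController.Index), "Home");
}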