public async Task <ActionResult> BeginDelistingCurrency(UpdateListingStatusModel model)
{
if (!ModelState.IsValid)
{
return(View("DelistCurrencyModal", model));
}
if (model.DelistOn == null)
{
ModelState.AddModelError(nameof(model.DelistOn), "A delist date is required");
return(View("DelistCurrencyModal", model));
}
var isAuthenticated = await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(AuthenticatedFeatureType.Delisting, model.TwoFactorCode);
if (!isAuthenticated)
{
ModelState.AddModelError(nameof(model.TwoFactorCode), "Invalid code");
return(View("DelistCurrencyModal", model));
}
var result = await AdminCurrencyWriter.BeginDelistingCurrency(User.Identity.GetUserId(), model);
if (!ModelState.IsWriterResultValid(result))
{
return(View("DelistCurrencyModal", model));
}
return(CloseModalSuccess(result.Message));
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
#if !DEBUG
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", "Invalid reCaptcha");
return(View(model));
}
if (!ModelState.IsValid)
{
return(View(model));
}
#endif
var user = await UserManager.FindByEmailAsync(model.EmailAddress);
if (user == null || user.IsDisabled || !await UserManager.IsInRoleAsync(user.Id, "Admin") || !await UserManager.CheckPasswordAsync(user, model.Password))
{
ModelState.AddModelError("", "Email or password was invalid.");
return(View(model));
}
// is the user locked out
if (await UserManager.IsLockedOutAsync(user.Id))
{
ModelState.AddModelError("", "Locked Out.");
return(View(model));
}
await UserSyncService.SyncUser(user.Id);
await UserManager.ResetAccessFailedCountAsync(user.Id);
#if !DEBUG
if (!await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(user.Id, model.TwoFactor))
{
ModelState.AddModelError("", "Two factor token incorrect.");
return(View(model));
}
#endif
await SignInAsync(user, false);
if (string.IsNullOrEmpty(returnUrl))
{
return(RedirectToAction("Index", "Support"));
}
return(RedirectToLocal(returnUrl));
}
public async Task <bool> VerifyUserTwoFactorCodeAsync(TwoFactorComponent component, string userid, string data, string data2)
{
var user = await FindByIdAsync(userid);
if (user == null)
{
return(false);
}
var twofactorMethod = user.TwoFactor.FirstOrDefault(x => x.Component == component);
if (twofactorMethod == null || twofactorMethod.Type == TwoFactorType.None)
{
return(true);
}
if (twofactorMethod.Type == TwoFactorType.PinCode)
{
return(twofactorMethod.Data == data);
}
if (twofactorMethod.Type == TwoFactorType.EmailCode)
{
return(await VerifyTwoFactorTokenAsync(userid, twofactorMethod.Type.ToString(), data));
}
if (twofactorMethod.Type == TwoFactorType.GoogleCode)
{
return(GoogleAuthenticationHelper.VerifyGoogleTwoFactorCode(twofactorMethod.Data, data));
}
if (twofactorMethod.Type == TwoFactorType.CryptopiaCode)
{
return(await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(userid, data));
}
if (twofactorMethod.Type == TwoFactorType.Password)
{
return(PasswordHasher.VerifyHashedPassword(user.PasswordHash, data) != PasswordVerificationResult.Failed);
}
if (twofactorMethod.Type == TwoFactorType.Question)
{
return(data.Equals(twofactorMethod.Data2, StringComparison.OrdinalIgnoreCase) && data2.Equals(twofactorMethod.Data4, StringComparison.OrdinalIgnoreCase));
}
return(false);
}
public async Task <ActionResult> BlockIpAddress(BlockIpAddressModel model)
{
if (!ModelState.IsValid)
{
return(View("BlockIpAddressModal", model));
}
if (!await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(AuthenticatedFeatureType.BlacklistIP, model.AuthenticationCode))
{
ModelState.AddModelError("", "Two factor token incorrect.");
return(View("BlockIpAddressModal", model));
}
await Writer.BlacklistIpAddress(User.Identity.GetUserId(), model.Address);
return(CloseModalSuccess($"Ip Address {model.Address} successfully blocked."));
}
public async Task <ActionResult> VerifyCryptopiaCode(string serialNumber, string code)
{
var userId = User.Identity.GetUserId();
using (var context = new ApplicationDbContext())
{
if (!await context.TwoFactorCode.AnyAsync(x => x.UserId == userId && x.SerialNumber == serialNumber))
{
return(JsonError(Resources.Authorization.twoFactorCryptopiaInvalidSerialError));
}
}
if (await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(User.Identity.GetUserId(), code))
{
return(JsonSuccess(Resources.Authorization.twoFactorCryptopiaActivatedMessage));
}
return(JsonError(Resources.Authorization.twoFactorCryptopiaInvaidCodeError));
}
public async Task <ActionResult> Contact(ContactModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", Resources.Home.contactReCaptchaError);
return(View(model));
}
if (!await SendSystemEmailAsync(EmailTemplateType.ContactRequest, SystemEmailType.Email_Contact, model.Email, model.Subject, model.Message))
{
ModelState.AddModelError("", Resources.Home.contactFailedMessage);
return(View(model));
}
ModelState.AddModelError("Success", Resources.Home.contactSuccessMessage);
return(RedirectToAction("Contact", new { success = true }));
}
public async Task <ActionResult> ForgotPassword(ForgotPasswordViewModel model)
{
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", Resources.Authorization.reCaptchaError);
return(View(model));
}
if (!ModelState.IsValid)
{
return(View(model));
}
if (ModelState.IsValid)
{
var message = new ViewMessageModel(ViewMessageType.Info, Resources.Authorization.resetTitle,
Resources.Authorization.resetMessage);
var user = await UserManager.FindByEmailAsync(model.Email);
if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id)) || user.IsDisabled)
{
// Don't reveal that the user does not exist or is not confirmed
return(ViewMessage(message));
}
var resetPasswordToken = Url.Action("ResetPassword", "Login",
new { code = await UserManager.GeneratePasswordResetTokenAsync(user.Id) }, protocol: Request.Url.Scheme);
await SendEmailAsync(EmailTemplateType.PasswordReset, null, user.Email, user.Id, user.UserName, resetPasswordToken);
return(ViewMessage(message));
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public async Task <ActionResult> SendSupportRequest(SupportModel model)
{
if (!ModelState.IsValid)
{
return(View("Support", model));
}
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", Resources.Support.supportReCaptchaError);
return(View("Support", model));
}
if (!await SendSystemEmailAsync(EmailTemplateType.SupportRequest, SystemEmailType.Email_System, model.Email, model.Subject, model.Message))
{
model.IsError = true;
model.Result = Resources.Support.supportFailedError;
return(View("Support", model));
}
ModelState.Clear();
return(View("Support", new SupportModel {
Result = Resources.Support.supportSuccessMessage
}));
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", Resources.Authorization.reCaptchaError);
return(View(model));
}
if (!ModelState.IsValid)
{
return(View(model));
}
var user = await UserManager.FindByEmailAsync(model.EmailAddress);
if (user != null && !user.IsDisabled)
{
// is the users email confirmed
if (!await UserManager.IsEmailConfirmedAsync(user.Id))
{
ModelState.AddModelError("", Resources.Authorization.loginConfirmationEmailSentMessage);
return(View(model));
}
// is the user locked out
if (await UserManager.IsLockedOutAsync(user.Id))
{
var expires = user.LockoutEndDateUtc.HasValue
? (user.LockoutEndDateUtc.Value - DateTime.UtcNow).ToReadableString()
: TimeSpan.FromHours(24).ToReadableString();
ModelState.AddModelError("", Resources.Authorization.loginAccountIsLockedError);
ModelState.AddModelError("", Resources.Authorization.loginAccountLockExpiresError + ' ' + expires);
return(View(model));
}
// is the password correct
if (await UserManager.CheckPasswordAsync(user, model.Password))
{
await UserSyncService.SyncUser(user.Id);
await UserManager.ResetAccessFailedCountAsync(user.Id);
var loginTwoFactor = user.TwoFactor.FirstOrDefault(x => x.Component == TwoFactorComponent.Login);
if (loginTwoFactor != null && loginTwoFactor.Type != TwoFactorType.None)
{
SetTwoFactorLoginAuthCookie(user.Id);
if (loginTwoFactor.Type == TwoFactorType.EmailCode)
{
var code = await GenerateUserTwoFactorCodeAsync(TwoFactorType.EmailCode, user.Id, true);
await SendEmailAsync(EmailTemplateType.TwoFactorLogin, null, loginTwoFactor.Data, user.Id, user.UserName, code);
}
return(RedirectToAction("VerifyLoginTwoFactor"));
}
// No twofactor just sign in
await SignInAsync(user, false);
if (string.IsNullOrEmpty(returnUrl))
{
return(RedirectToAction("Index", "Home"));
}
return(RedirectToLocal(returnUrl));
}
else
{
await UserManager.AccessFailedAsync(user.Id);
if (await UserManager.IsLockedOutAsync(user.Id))
{
await HandleAccountLockout(user);
return(View(model));
}
ModelState.AddModelError("", string.Format(Resources.Authorization.loginFailedError, UserManager.MaxFailedAccessAttemptsBeforeLockout - user.AccessFailedCount));
await SendEmailAsync(EmailTemplateType.LogonFail, null, user.Email, user.Id, user.UserName, user.AccessFailedCount, UserManager.MaxFailedAccessAttemptsBeforeLockout - user.AccessFailedCount);
return(View(model));
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", Resources.Authorization.loginFailedError);
return(View(model));
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (!CryptopiaAuthenticationHelper.ValidateCaptcha())
{
ModelState.AddModelError("", Resources.Authorization.reCaptchaError);
return(View(model));
}
if (!ModelState.IsValid)
{
return(View(model));
}
var existing = await UserManager.FindByHandleAsync(model.UserName);
if (existing != null)
{
ModelState.AddModelError("", string.Format(Resources.Authorization.registerUserNameExistsError, model.UserName));
return(View(model));
}
var baseEmail = model.EmailAddress.Split('@');
if (baseEmail != null && baseEmail.Any() && baseEmail.Count() == 2)
{
var cleanEmail = string.Format("{0}@{1}", baseEmail[0].Replace(".", ""), baseEmail[1]);
var existinEmail = await UserManager.FindByEmailAsync(cleanEmail);
if (existinEmail != null)
{
ModelState.AddModelError("", string.Format(Resources.Authorization.registerEmailExistsError, model.EmailAddress));
return(View(model));
}
}
var user = new ApplicationUser
{
UserName = model.UserName,
Email = model.EmailAddress,
ChatHandle = model.UserName,
MiningHandle = model.UserName,
RegisterDate = DateTime.UtcNow,
Referrer = string.IsNullOrEmpty(model.Referrer) ? "System" : model.Referrer,
DisableWithdrawEmailConfirmation = false,
DisableRewards = true,
DisableLogonEmail = true,
IsUnsafeWithdrawEnabled = true,
VerificationLevel = VerificationLevel.Level1
};
user.Settings = new UserSettings
{
HideZeroBalance = false,
ShowFavoriteBalance = false,
Theme = SiteTheme.Light,
Id = user.Id,
DefaultMineShaft = 0,
DefaultTradepair = 0
};
user.Profile = new UserProfile
{
Id = user.Id,
IsPublic = false
};
user.TwoFactor = new List <UserTwoFactor>();
foreach (TwoFactorComponent twoFactorComponent in Enum.GetValues(typeof(TwoFactorComponent)))
{
user.TwoFactor.Add(new UserTwoFactor
{
UserId = user.Id,
Component = twoFactorComponent,
Type = TwoFactorType.PinCode,
IsEnabled = true,
Data = model.PinCode
});
}
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
var callbackUrl = Url.Action("RegisterConfirmEmail", "Login", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
if (await SendEmailAsync(EmailTemplateType.Registration, null, user.Email, user.Id, user.UserName, callbackUrl))
{
return(ViewMessage(new ViewMessageModel(ViewMessageType.Info, Resources.Authorization.registerEmailConfirmationTitle, string.Format(Resources.Authorization.registerEmailConfirmationMessage, user.Email))));
}
ModelState.AddModelError("", Resources.Authorization.registerEmailConfirmationError);
}
AddErrors(result);
return(View(model));
}
