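        /// <summary>
        /// Generates a multi-factor authentication code, sends it to the principal's phone number
        /// through the FES MFA web service, persists the encrypted code and stores the reference
        /// number on the principal in the current session.
        /// </summary>
        /// <param name="principleInfo">The principal being authenticated; its <c>UserId</c> and <c>PhoneNumber</c> are used.</param>
        /// <param name="msg">
        /// Message template for the SMS. It must contain the <c>{0}</c> placeholder, which receives the
        /// code wrapped in <c>#</c> characters. When null or empty the configured
        /// <c>Authentication.MultiFA.Message</c> template is used instead.
        /// </param>
        /// <exception cref="PxUnexpectedErrorException">The MFA web service returned no result or an error code other than "0".</exception>
        public void SendMFACode(PxPrincipalInfo principleInfo, string msg)
        {
            FesMultiFAParameter parameter = JsonConvert.DeserializeObject<FesMultiFAParameter>(PxConfigurationManager.PxConfig.Authentication.MultiFA.Parameter);

            if (parameter == null)
            {
                throw AuthExceptions.MFAParameterNotFound();
            }
            if (principleInfo == null)
            {
                throw AuthExceptions.PrincipleInfoNotFound();
            }
            if (string.IsNullOrEmpty(msg))
            {
                msg = PxConfigurationManager.PxConfig.Authentication.MultiFA.Message;
            }

            string refNo = generateReferenceNo(principleInfo.UserId);
            // NOTE(review): confirm GenerateRandomNumber draws from a cryptographically strong source and
            // that the 6-digit code keeps leading zeros after ToString(); otherwise the code space shrinks.
            string verificationCode = Toolkit.Instance.GenerateRandomNumber(6).ToString();
            string encryptedVerificationCode = encryptVerificationCode(verificationCode, principleInfo.PhoneNumber);
            // NOTE(review): the message embeds the encrypted value, while CheckMFACode encrypts the
            // user's input before comparing it with the stored value; confirm which form the user is
            // expected to type in.
            string message = string.Format(msg, string.Format("#{0}#", encryptedVerificationCode));

            MFAWebServiceResult result;
            using (MFAWebServicesClient svcClient = new MFAWebServicesClient(MFAWebServicesClient.EndpointConfiguration.MFAWebServicesSoapHttpPort, new System.ServiceModel.EndpointAddress(parameter.FesServiceUrl)))
            {
                // GetAwaiter().GetResult() surfaces the service's own exception instead of an
                // AggregateException wrapper. The call still blocks synchronously; making the
                // method async would change its public signature.
                result = svcClient.MFAWebSrvAsync(parameter.FesUser, parameter.FesUserPassword, parameter.FesServiceId, parameter.FesEnvironment, prepareInputXmlForFes(message, parameter.FesProjectId, principleInfo.PhoneNumber)).GetAwaiter().GetResult();
            }

            // Fail before persisting anything: a code that was never delivered must not become a
            // pending MFA record.
            if (result == null)
            {
                throw new PxUnexpectedErrorException(new Exception("MFA web service returned no result."));
            }
            if (result.errorCode != "0")
            {
                throw new PxUnexpectedErrorException(new Exception(result.errorMsg));
            }

            using (PeakDbContext dbContext = new PeakDbContext())
            {
                MFAMessage mfa = new MFAMessage()
                {
                    // Local time on purpose: CheckMFACode compares this stamp against DateTime.Now.
                    Date             = DateTime.Now,
                    IsUsed           = false,
                    PhoneNumber      = principleInfo.PhoneNumber,
                    UserId           = principleInfo.UserId,
                    RereferenceCode  = refNo,
                    VerificationCode = encryptedVerificationCode
                };
                dbContext.MFAMessages.Add(mfa);
                dbContext.SaveChanges();
            }

            // The reference code is what CheckMFACode later uses to find the pending record.
            principleInfo.Authentication.MFAReferenceCode = refNo;
            PxSession session = PxSession.Get();

            session.Principal = principleInfo;
            PxSession.Save(session);
        }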
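        /// <summary>
        /// Validates the MFA code entered by the user against the pending, unused MFA record for the
        /// principal's current reference code, enforces the failed-attempt policy and, on success,
        /// marks the record as used and flags the principal's session as MFA-authenticated.
        /// </summary>
        /// <param name="principleInfo">
        /// The principal being authenticated. <c>Authentication.MFAReferenceCode</c>, <c>UserId</c> and
        /// <c>PhoneNumber</c> are read; <c>Authentication.IsMFAAuthenticationCompleted</c> is set on success.
        /// </param>
        /// <param name="verificationCode">The code typed in by the user.</param>
        /// <remarks>
        /// Throws the <c>AuthExceptions</c> errors for: missing principal, empty code, unknown reference
        /// number, blocked user, expired code, and a wrong code. A wrong code increments the user's
        /// <c>MFATryCount</c>; reaching <c>Policy.MaxFailedMFAAttemptCount</c> blocks the user.
        /// </remarks>
        public void CheckMFACode(PxPrincipalInfo principleInfo, string verificationCode)
        {
            if (principleInfo == null)
            {
                throw AuthExceptions.PrincipleInfoNotFound();
            }
            if (string.IsNullOrEmpty(verificationCode))
            {
                // Nothing to compare; reject without touching the attempt counter.
                throw AuthExceptions.MFAAuthenticationFailed();
            }

            using (PeakDbContext dbContext = new PeakDbContext())
            {
                MFAMessage mfa = dbContext.MFAMessages.FirstOrDefault(x => x.RereferenceCode == principleInfo.Authentication.MFAReferenceCode && x.UserId == principleInfo.UserId && !x.IsUsed);
                if (mfa == null)
                {
                    throw AuthExceptions.InvalidMFAReferenceNo();
                }

                User usr = dbContext.Users.FirstOrDefault(x => x.Id == principleInfo.UserId);
                if (usr == null)
                {
                    // The pending record points at a user that no longer exists; fail the
                    // authentication instead of dereferencing null below.
                    throw AuthExceptions.MFAAuthenticationFailed();
                }
                if (usr.PasswordState == PasswordState.Blocked)
                {
                    throw AuthExceptions.MFAUserBlocked();
                }

                // Local time on purpose: SendMFACode stamps Date with DateTime.Now.
                if (DateTime.Now > mfa.Date.AddMinutes(PxConfigurationManager.PxConfig.Authentication.MultiFA.CodeValidDuration))
                {
                    throw AuthExceptions.MFACodeExpired();
                }

                string encryptedVerificationCode = encryptVerificationCode(verificationCode, principleInfo.PhoneNumber);
                // Ordinal: the stored value is an opaque token, never subject to culture rules.
                // NOTE(review): this comparison is not constant-time; if the output of
                // encryptVerificationCode can be steered by the caller, prefer a fixed-time comparison.
                if (!string.Equals(encryptedVerificationCode, mfa.VerificationCode, StringComparison.Ordinal))
                {
                    usr.MFATryCount++;
                    if (usr.MFATryCount >= PxConfigurationManager.PxConfig.Authentication.Policy.MaxFailedMFAAttemptCount)
                    {
                        usr.MFATryCount   = 0;
                        usr.PasswordState = PasswordState.Blocked;
                        dbContext.SaveChanges();
                        throw AuthExceptions.MFAUserBlocked();
                    }
                    dbContext.SaveChanges();
                    throw AuthExceptions.MFAAuthenticationFailed();
                }

                // Success: consume the code so it cannot be replayed within its validity window, and
                // reset the failure counter.
                // NOTE(review): previously nothing here set IsUsed; if another step relied on finding
                // the record still unused after this call, adjust that step.
                mfa.IsUsed      = true;
                usr.MFATryCount = 0;
                dbContext.SaveChanges();
            }

            principleInfo.Authentication.IsMFAAuthenticationCompleted = true;
            PxSession session = PxSession.Get();

            session.Principal = principleInfo;
            PxSession.Save(session);
        }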