public string TfaAppNewApp(TfaModel model)
        {
            // Resets the authenticator app for the calling user (model.Id == Guid.Empty) or, given the
            // EditUser permission on the target, for another user. The caller gets an activation link
            // back when resetting their own app; for another user the link goes out by mail and an
            // empty string is returned.
            var targetIsCaller = model.Id.Equals(Guid.Empty);
            var targetId = targetIsCaller ? SecurityContext.CurrentAccount.ID : model.Id;
            var target = CoreContext.UserManager.GetUsers(targetId);

            // Somebody else's app may only be reset with the EditUser permission on that account.
            var mayReset = targetIsCaller
                || SecurityContext.CheckPermissions(Tenant, new UserSecurityProvider(target.ID), Constants.Action_EditUser);
            if (!mayReset)
            {
                throw new SecurityAccessDeniedException(Resource.ErrorAccessDenied);
            }

            var appUsable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(target.ID);
            if (!appUsable)
            {
                throw new Exception(Resource.TfaAppNotAvailable);
            }

            var restrictedAccount = target.IsVisitor(Tenant) || target.IsOutsider(Tenant);
            if (restrictedAccount)
            {
                throw new NotSupportedException("Not available.");
            }

            // Detach the app and record the reset through MessageService.
            TfaAppUserSettings.DisableForUser(target.ID);
            MessageService.Send(MessageAction.UserDisconnectedTfaApp, MessageTarget.Create(target.ID), target.DisplayUserName(false));

            if (!targetIsCaller)
            {
                StudioNotifyService.SendMsgTfaReset(Tenant.TenantId, target);
                return string.Empty;
            }

            return CommonLinkUtility.GetConfirmationUrl(Tenant.TenantId, target.Email, ConfirmType.TfaActivation);
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            // Sends the visitor back to the referer when the page is not for them: signed in as a
            // different account, the TFA app feature hidden or disabled, or (outside activation)
            // no app connected for this user yet. The checks run in that order.
            var mustLeave =
                (SecurityContext.IsAuthenticated && User.ID != SecurityContext.CurrentAccount.ID)
                || !TfaAppAuthSettings.IsVisibleSettings || !TfaAppAuthSettings.Enable
                || (!Activation && !TfaAppUserSettings.EnableForUser(User.ID));
            if (mustLeave)
            {
                Response.Redirect(GetRefererURL(), true);
                return;
            }

            var communications = (AuthCommunications)LoadControl(AuthCommunications.Location);
            communications.DisableJoin = true;
            _communitations.Controls.Add(communications);

            AjaxPro.Utility.RegisterTypeForAjax(GetType());

            var registrar = Page.RegisterBodyScripts("~/UserControls/Management/TfaControls/js/confirmtfa.js");
            registrar.RegisterStyle("~/UserControls/Management/TfaControls/css/confirmtfa.less");

            if (!Activation)
            {
                return;
            }

            // A setup code is only needed while the app is being activated.
            SetupCode = User.GenerateSetupCode(300);
        }
        public static string TfaConfirmUrl(UserInfo user)
        {
            // Confirmation link for the TFA step: authentication when the user already has an
            // app connected, activation otherwise. Empty when there is no user.
            if (user == null)
            {
                return string.Empty;
            }

            ConfirmType step;
            if (TfaAppUserSettings.EnableForUser(user.ID))
            {
                step = ConfirmType.TfaAuth;
            }
            else
            {
                step = ConfirmType.TfaActivation;
            }

            return CommonLinkUtility.GetConfirmationUrl(user.Email, step);
        }
        public IEnumerable <object> TfaAppGetCodes()
        {
            // Backup codes of the calling user, each with its "already used" flag.
            var me = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

            var appUsable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(me.ID);
            if (!appUsable)
            {
                throw new Exception(Resource.TfaAppNotAvailable);
            }

            var restrictedAccount = me.IsVisitor(ApiContext.Tenant) || me.IsOutsider(ApiContext.Tenant);
            if (restrictedAccount)
            {
                throw new NotSupportedException("Not available.");
            }

            var settings = TfaAppUserSettings.LoadForCurrentUser();
            var codes = settings.CodesSetting
                .Select(entry => new { IsUsed = entry.IsUsed, Code = entry.Code })
                .ToList();
            return codes;
        }
        public IEnumerable <object> TfaAppRequestNewCodes()
        {
            // Generates a fresh set of backup codes for the calling user and returns it
            // (presumably replacing the stored set — GenerateBackupCodes is not visible here).
            var me = CoreContext.UserManager.GetUsers(Tenant.TenantId, SecurityContext.CurrentAccount.ID);

            var appUsable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(me.ID);
            if (!appUsable)
            {
                throw new Exception(Resource.TfaAppNotAvailable);
            }

            var restrictedAccount = me.IsVisitor(Tenant) || me.IsOutsider(Tenant);
            if (restrictedAccount)
            {
                throw new NotSupportedException("Not available.");
            }

            var freshCodes = me.GenerateBackupCodes()
                .Select(entry => new { IsUsed = entry.IsUsed, Code = entry.Code })
                .ToList();

            // Regenerating the codes is recorded as the user connecting the app.
            MessageService.Send(MessageAction.UserConnectedTfaApp, MessageTarget.Create(me.ID), me.DisplayUserName(false));
            return freshCodes;
        }
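        protected void Page_Load(object sender, EventArgs e)
        {
            // Builds the profile page for the user behind UserProfileHelper (the signed-in account
            // when no helper was supplied): resolves the viewer's rights, sends non-admins away from
            // profiles that are not active, binds the contact lists and loads the child controls
            // (password, e-mail, social accounts, photo, language, mobile number, TFA dialogs)
            // the viewer may see.
            if (UserProfileHelper == null)
            {
                UserProfileHelper = new ProfileHelper(SecurityContext.CurrentAccount.ID.ToString());
            }
            UserInfo = UserProfileHelper.UserInfo;

            // True when the viewer is looking at their own profile; drives most visibility decisions below.
            var isOwnProfile = UserInfo.IsMe();
            ShowSocialLogins = isOwnProfile;

            EnableOauth = CoreContext.Configuration.Standalone ||
                          CoreContext.TenantManager.GetTenantQuota(TenantProvider.CurrentTenantID).Oauth;

            TariffPageLink = TenantExtra.GetTariffPageLink();

            // The signed-in viewer, looked up once and reused below instead of once per use.
            var viewer = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

            IsAdmin = viewer.IsAdmin() ||
                      WebItemSecurity.IsProductAdministrator(WebItemManager.PeopleProductID, SecurityContext.CurrentAccount.ID);

            IsVisitor = viewer.IsVisitor();

            // Only administrators may open a profile that is not active.
            if (!IsAdmin && (UserInfo.Status != EmployeeStatus.Active))
            {
                Response.Redirect(CommonLinkUtility.GetFullAbsolutePath("~/Products/People/"), true);
            }

            Role = GetRole();

            Actions = new AllowedActions(UserInfo);

            LdapFields = ASC.ActiveDirectory.Base.Settings.LdapSettings.GetImportedFields;

            HappyBirthday = CheckHappyBirthday();

            ContactPhones.DataSource = UserProfileHelper.Phones;
            ContactPhones.DataBind();

            ContactEmails.DataSource = UserProfileHelper.Emails;
            ContactEmails.DataBind();

            ContactMessengers.DataSource = UserProfileHelper.Messengers;
            ContactMessengers.DataBind();

            ContactSoccontacts.DataSource = UserProfileHelper.Contacts;
            ContactSoccontacts.DataBind();

            _deleteProfileContainer.Options.IsPopup = true;

            Page.RegisterStyle("~/UserControls/Users/UserProfile/css/userprofilecontrol_style.less")
            .RegisterBodyScripts(VirtualPathUtility.ToAbsolute("~/UserControls/Users/UserProfile/js/userprofilecontrol.js"));

            if (Actions.AllowEdit)
            {
                _editControlsHolder.Controls.Add(LoadControl(PwdTool.Location));
            }
            // The owner's e-mail may additionally be changed by an administrator.
            if (Actions.AllowEdit || (UserInfo.IsOwner() && IsAdmin))
            {
                var control = (UserEmailChange)LoadControl(UserEmailChange.Location);
                control.UserInfo = UserInfo;
                control.RegisterStylesAndScripts = false;
                userEmailChange.Controls.Add(control);
            }

            if (ShowSocialLogins && AccountLinkControl.IsNotEmpty)
            {
                var accountLink = (AccountLinkControl)LoadControl(AccountLinkControl.Location);
                accountLink.ClientCallback = "loginCallback";
                accountLink.SettingsView = true;
                _accountPlaceholder.Controls.Add(accountLink);
            }

            var emailControl = (UserEmailControl)LoadControl(UserEmailControl.Location);

            emailControl.User = UserInfo;
            emailControl.Viewer = viewer;
            _phEmailControlsHolder.Controls.Add(emailControl);

            var photoControl = (LoadPhotoControl)LoadControl(LoadPhotoControl.Location);

            photoControl.User = UserInfo;
            loadPhotoWindow.Controls.Add(photoControl);

            if (isOwnProfile && SetupInfo.EnabledCultures.Count > 1)
            {
                _phLanguage.Controls.Add(LoadControl(UserLanguage.Location));
            }

            // The mobile number block is shown whenever a number is stored or the viewer is the
            // profile owner; where the number comes from only matters for whether it can be edited.
            if (!string.IsNullOrEmpty(UserInfo.MobilePhone) || isOwnProfile)
            {
                ShowPrimaryMobile = true;
                // A number synced from LDAP is not editable here.
                if (Actions.AllowEdit && !(UserInfo.IsLDAP() && LdapFields.Contains(LdapMapping.MobilePhoneAttribute)))
                {
                    var changeMobile = (ChangeMobileNumber)LoadControl(ChangeMobileNumber.Location);
                    changeMobile.User = UserInfo;
                    ChangeMobileHolder.Controls.Add(changeMobile);
                }
            }

            // TFA app settings: the reset dialog for the owner or an admin, the backup-code dialog
            // for the owner only (codes are not exposed to anyone else).
            if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable && TfaAppUserSettings.EnableForUser(UserInfo.ID) && (isOwnProfile || IsAdmin))
            {
                ShowTfaAppSettings = true;

                var resetApp = (ResetAppDialog)LoadControl(ResetAppDialog.Location);
                resetApp.User = UserInfo;
                _backupCodesPlaceholder.Controls.Add(resetApp);

                if (isOwnProfile)
                {
                    var showBackup = (ShowBackupCodesDialog)LoadControl(ShowBackupCodesDialog.Location);
                    showBackup.User = UserInfo;
                    _backupCodesPlaceholder.Controls.Add(showBackup);
                }
            }

            if (UserInfo.BirthDate.HasValue)
            {
                // HappyBirthday appears to be the number of days until the birthday (0 = today);
                // only the next three days get a caption.
                switch (HappyBirthday)
                {
                    case 0:
                        BirthDayText = Resource.DrnToday;
                        break;
                    case 1:
                        BirthDayText = Resource.DrnTomorrow;
                        break;
                    case 2:
                    case 3:
                        BirthDayText = Resource.In + " " + DateTimeExtension.Yet(HappyBirthday);
                        break;
                    default:
                        BirthDayText = string.Empty;
                        break;
                }
            }

            if (UserInfo.Status != EmployeeStatus.Terminated)
            {
                Groups = CoreContext.UserManager.GetUserGroups(UserInfo.ID).ToList();
            }
        }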
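        protected void Page_PreInit(object sender, EventArgs e)
        {
            // Request gatekeeper run before the page initialises: finishes the setup wizard, forces
            // authentication, enforces the tariff/payment state, phone and TFA activation, keeps
            // disabled modules unreachable and finally records the visit. Each redirect is issued
            // with endResponse = true, so nothing after it runs.
            if (CheckWizardCompleted)
            {
                var wizard = WizardSettings.Load();
                if (!wizard.Completed)
                {
                    Response.Redirect("~/Wizard.aspx");
                }
            }

            //check auth
            if (!SecurityContext.IsAuthenticated &&
                !AuthByCookies() &&
                !MayNotAuth)
            {
                if (TenantAccessSettings.Load().Anyone)
                {
                    OutsideAuth();
                }
                else
                {
                    // Remembered so the login page can return the user here afterwards.
                    Session["refererURL"] = GetRefererUrl();
                    var authUrl = "~/Auth.aspx";
                    if (Request.DesktopApp())
                    {
                        // The value comes straight from the request; escape it so it cannot smuggle
                        // extra query parameters or a fragment into the login URL.
                        authUrl += "?desktop=" + Uri.EscapeDataString(Request["desktop"] ?? string.Empty);
                    }
                    Response.Redirect(authUrl, true);
                }
            }

            var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

            // Unpaid tenants are sent to the pricing page; when that page is hidden, non-admins
            // get a bare 402 instead.
            if (!MayNotPaid &&
                TenantExtra.EnableTarrifSettings &&
                (TenantStatisticsProvider.IsNotPaid() || TenantExtra.UpdatedWithoutLicense) &&
                WarmUp.Instance.CheckCompleted() && Request.QueryString["warmup"] != "true")
            {
                if (TariffSettings.HidePricingPage && !user.IsAdmin())
                {
                    Response.StatusCode = (int)HttpStatusCode.PaymentRequired;
                    Response.End();
                }
                else
                {
                    Response.Redirect(TenantExtra.GetTariffPageLink() + (Request.DesktopApp() ? "?desktop=true" : ""), true);
                }
            }

            // Second-factor enrolment is mandatory once the tenant has SMS or the TFA app switched on.
            if (!MayPhoneNotActivate &&
                SecurityContext.IsAuthenticated)
            {
                if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable &&
                    (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated))
                {
                    Response.Redirect(CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneActivation), true);
                }

                if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable &&
                    !TfaAppUserSettings.EnableForUser(user.ID))
                {
                    Response.Redirect(CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaActivation), true);
                }
            }

            //check disable and public
            var webitem = CommonLinkUtility.GetWebItemByUrl(Request.Url.ToString());
            var parentIsDisabled = false;

            if (webitem != null && webitem.IsSubItem())
            {
                var parentItemID = WebItemManager.Instance.GetParentItemID(webitem.ID);
                parentIsDisabled = WebItemManager.Instance[parentItemID].IsDisabled();
            }

            if (webitem != null && (webitem.IsDisabled() || parentIsDisabled) && !MayNotAuth)
            {
                // A disabled People module still lets the user reach their own profile.
                if (webitem.ID == WebItemManager.PeopleProductID &&
                    string.Equals(GetType().BaseType.FullName, "ASC.Web.People.Profile"))
                {
                    Response.Redirect("~/My.aspx", true);
                }

                Response.Redirect("~/", true);
            }

            if (SecurityContext.IsAuthenticated && !CoreContext.Configuration.Personal)
            {
                // Best effort: a failed statistics write must not break the page.
                try
                {
                    StatisticManager.SaveUserVisit(TenantProvider.CurrentTenantID, SecurityContext.CurrentAccount.ID, CommonLinkUtility.GetProductID());
                }
                catch (Exception exc)
                {
                    Log.Error("failed save user visit", exc);
                }
            }
        }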
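        /// <summary>
        /// Signs a user in through the API. Depending on the tenant's settings the result is either a
        /// completed session (<c>Token</c>/<c>Expires</c>) or an instruction to finish a second factor:
        /// SMS (<c>Sms</c>, plus <c>PhoneNoise</c>/<c>Expires</c> once a code was sent) or the
        /// authenticator app (<c>Tfa</c>, plus <c>TfaKey</c> when the app still has to be enrolled).
        /// </summary>
        /// <param name="userName">Login name or e-mail, handed to <c>GetUser</c> together with <paramref name="password"/>.</param>
        /// <param name="password">Password for a direct login.</param>
        /// <param name="provider">Social login provider, used with <paramref name="accessToken"/> and <paramref name="codeOAuth"/>.</param>
        /// <param name="accessToken">Provider access token for a social login.</param>
        /// <param name="codeOAuth">OAuth code for a social login.</param>
        /// <returns>The token data described above.</returns>
        /// <exception cref="AuthenticationException">When the session could not be established; a login-failure message is sent first.</exception>
        [Create(@"", false, false)] //NOTE: This method doesn't require auth!!!  //NOTE: This method doesn't check payment!!!
        public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string codeOAuth)
        {
            bool viaEmail;
            var user = GetUser(userName, password, provider, accessToken, out viaEmail, codeOAuth);

            if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable)
            {
                // No usable phone yet: the client has to complete phone activation first.
                if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
                {
                    return new AuthenticationTokenData { Sms = true };
                }

                SmsManager.PutAuthCode(user, false);

                return new AuthenticationTokenData
                {
                    Sms = true,
                    PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
                    Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval))
                };
            }

            if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
            {
                // App not enrolled yet: hand out the manual-entry key so the client can finish setup.
                if (!TfaAppUserSettings.EnableForUser(user.ID))
                {
                    return new AuthenticationTokenData
                    {
                        Tfa = true,
                        TfaKey = user.GenerateSetupCode().ManualEntryKey
                    };
                }

                return new AuthenticationTokenData { Tfa = true };
            }

            try
            {
                var action = viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount;
                var token = CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, action);

                var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                var expires = TenantCookieSettings.GetExpiresTime(tenant);

                return new AuthenticationTokenData
                {
                    Token = token,
                    Expires = new ApiDateTime(expires)
                };
            }
            catch
            {
                // Any failure is recorded as a failed login and surfaced as a generic authentication
                // error; the underlying cause is not forwarded to the client.
                MessageService.Send(Request, user.DisplayUserName(false), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
                throw new AuthenticationException("User authentication failed");
            }
            finally
            {
                // Drops the principal set on this thread; presumably the cookie/token issued above
                // carries the session for the client.
                SecurityContext.Logout();
            }
        }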
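        /// <summary>
        /// Signs a user in from an <see cref="AuthModel"/>. Depending on the tenant's settings the result
        /// is either a completed session (<c>Token</c>/<c>Expires</c>) or an instruction to finish a
        /// second factor — SMS or the authenticator app — each carrying the <c>ConfirmUrl</c> of the
        /// step the client has to visit next.
        /// </summary>
        /// <param name="auth">Credentials handed to <c>GetUser</c>; <c>auth.Session</c> controls how the auth cookie is set.</param>
        /// <returns>The token data described above.</returns>
        /// <exception cref="AuthenticationException">When the session could not be established; a login-failure message is sent first.</exception>
        private AuthenticationTokenData AuthenticateMe(AuthModel auth)
        {
            bool viaEmail;
            var user = GetUser(auth, out viaEmail);

            if (StudioSmsNotificationSettingsHelper.IsVisibleSettings() && StudioSmsNotificationSettingsHelper.Enable)
            {
                // No usable phone yet: the client has to complete phone activation first.
                if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
                {
                    return new AuthenticationTokenData
                    {
                        Sms = true,
                        ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneActivation)
                    };
                }

                SmsManager.PutAuthCode(user, false);

                return new AuthenticationTokenData
                {
                    Sms = true,
                    PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
                    Expires = new ApiDateTime(TenantManager, TimeZoneConverter, DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval)),
                    ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneAuth)
                };
            }

            if (TfaAppAuthSettings.IsVisibleSettings && SettingsManager.Load<TfaAppAuthSettings>().EnableSetting)
            {
                // App not enrolled yet: hand out the manual-entry key so the client can finish setup.
                if (!TfaAppUserSettings.EnableForUser(SettingsManager, user.ID))
                {
                    return new AuthenticationTokenData
                    {
                        Tfa = true,
                        TfaKey = TfaManager.GenerateSetupCode(user).ManualEntryKey,
                        ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaActivation)
                    };
                }

                return new AuthenticationTokenData
                {
                    Tfa = true,
                    ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaAuth)
                };
            }

            try
            {
                var token = SecurityContext.AuthenticateMe(user.ID);
                CookiesManager.SetCookies(CookiesType.AuthKey, token, auth.Session);

                MessageService.Send(viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);

                var tenant = TenantManager.GetCurrentTenant().TenantId;
                var expires = TenantCookieSettingsHelper.GetExpiresTime(tenant);

                return new AuthenticationTokenData
                {
                    Token = token,
                    Expires = new ApiDateTime(TenantManager, TimeZoneConverter, expires)
                };
            }
            catch
            {
                // Any failure is recorded as a failed login and surfaced as a generic authentication
                // error; the underlying cause is not forwarded to the client.
                MessageService.Send(user.DisplayUserName(false, DisplayUserSettingsHelper), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
                throw new AuthenticationException("User authentication failed");
            }
            finally
            {
                // Drops the principal set on this thread; presumably the cookie/token issued above
                // carries the session for the client.
                SecurityContext.Logout();
            }
        }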