/// <summary>
/// Disconnects the authenticator app for a user and starts a re-activation.
/// A model with <c>Guid.Empty</c> targets the calling account; any other id targets that user
/// and requires <c>Action_EditUser</c> on the target (an explicit own id also goes through that check).
/// </summary>
/// <param name="model">Target selector; <c>Id == Guid.Empty</c> means "me".</param>
/// <returns>
/// The TFA activation confirmation URL when the caller reset their own app; <c>string.Empty</c>
/// when another user was reset (that user is notified by mail instead).
/// </returns>
/// <exception cref="SecurityAccessDeniedException">Caller may not edit the target user.</exception>
/// <exception cref="Exception">App settings hidden, or the app is not enabled for the target.</exception>
/// <exception cref="NotSupportedException">Target is a visitor or outsider account.</exception>
public string TfaAppNewApp(TfaModel model)
{
    var targetsSelf = model.Id.Equals(Guid.Empty);
    var targetId = targetsSelf ? SecurityContext.CurrentAccount.ID : model.Id;
    var user = CoreContext.UserManager.GetUsers(targetId);

    // Resetting someone else's second factor is an edit-user privilege on that user.
    var allowed = targetsSelf
        || SecurityContext.CheckPermissions(Tenant, new UserSecurityProvider(user.ID), Constants.Action_EditUser);
    if (!allowed)
    {
        throw new SecurityAccessDeniedException(Resource.ErrorAccessDenied);
    }

    // Generic Exception type is kept on purpose: callers elsewhere may catch it as-is.
    var appAvailable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(user.ID);
    if (!appAvailable)
    {
        throw new Exception(Resource.TfaAppNotAvailable);
    }

    var limitedAccount = user.IsVisitor(Tenant) || user.IsOutsider(Tenant);
    if (limitedAccount)
    {
        throw new NotSupportedException("Not available.");
    }

    // Drop the current enrolment and record who was disconnected in the audit trail.
    TfaAppUserSettings.DisableForUser(user.ID);
    MessageService.Send(MessageAction.UserDisconnectedTfaApp, MessageTarget.Create(user.ID), user.DisplayUserName(false));

    if (!targetsSelf)
    {
        // The affected user is told by mail; the link is not handed to the administrator.
        StudioNotifyService.SendMsgTfaReset(Tenant.TenantId, user);
        return string.Empty;
    }
    return CommonLinkUtility.GetConfirmationUrl(Tenant.TenantId, user.Email, ConfirmType.TfaActivation);
}
/// <summary>
/// Builds the TFA confirmation page. Bounces to the referer when a different account is signed in,
/// when the app feature is hidden/disabled for the tenant, or when a non-activation visit is made
/// by a user who has not enrolled yet. On activation visits a fresh setup code is generated.
/// </summary>
/// <param name="sender">ASP.NET event source (unused).</param>
/// <param name="e">ASP.NET event args (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Same redirect for every guard; the operands are evaluated in the original order.
    var foreignSession = SecurityContext.IsAuthenticated && User.ID != SecurityContext.CurrentAccount.ID;
    var mustBounce = foreignSession
        || !TfaAppAuthSettings.IsVisibleSettings
        || !TfaAppAuthSettings.Enable
        || (!Activation && !TfaAppUserSettings.EnableForUser(User.ID));
    if (mustBounce)
    {
        Response.Redirect(GetRefererURL(), true);
        return;
    }

    var communications = (AuthCommunications)LoadControl(AuthCommunications.Location);
    communications.DisableJoin = true;
    _communitations.Controls.Add(communications);

    AjaxPro.Utility.RegisterTypeForAjax(GetType());
    Page.RegisterBodyScripts("~/UserControls/Management/TfaControls/js/confirmtfa.js")
        .RegisterStyle("~/UserControls/Management/TfaControls/css/confirmtfa.less");

    if (Activation)
    {
        // 300 is passed straight through to GenerateSetupCode; presumably the QR image size - confirm.
        SetupCode = User.GenerateSetupCode(300);
    }
}
/// <summary>
/// Picks the confirmation link a user needs for the authenticator app: the auth step when the app
/// is already enabled for them, otherwise the activation step.
/// </summary>
/// <param name="user">User to build the link for; <c>null</c> yields an empty string.</param>
/// <returns>Confirmation URL bound to the user's e-mail, or <c>string.Empty</c>.</returns>
public static string TfaConfirmUrl(UserInfo user)
{
    if (user == null)
    {
        return string.Empty;
    }

    ConfirmType step;
    if (TfaAppUserSettings.EnableForUser(user.ID))
    {
        step = ConfirmType.TfaAuth;
    }
    else
    {
        step = ConfirmType.TfaActivation;
    }
    return CommonLinkUtility.GetConfirmationUrl(user.Email, step);
}
/// <summary>
/// Returns the calling user's own TFA backup codes as <c>{ IsUsed, Code }</c> pairs.
/// Codes are returned in clear text; nothing here marks the response non-cacheable, so that
/// must be handled at the API layer - confirm.
/// </summary>
/// <returns>List of anonymous objects, one per stored backup code.</returns>
/// <exception cref="Exception">App settings hidden, or the app not enabled for the caller.</exception>
/// <exception cref="NotSupportedException">Caller is a visitor or outsider account.</exception>
public IEnumerable<object> TfaAppGetCodes()
{
    var me = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

    var appAvailable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(me.ID);
    if (!appAvailable)
    {
        throw new Exception(Resource.TfaAppNotAvailable);
    }

    var limitedAccount = me.IsVisitor(ApiContext.Tenant) || me.IsOutsider(ApiContext.Tenant);
    if (limitedAccount)
    {
        throw new NotSupportedException("Not available.");
    }

    // Settings are loaded for the current account, i.e. the same user validated above.
    var stored = TfaAppUserSettings.LoadForCurrentUser().CodesSetting;
    var view = from entry in stored
               select new { entry.IsUsed, entry.Code };
    return view.ToList();
}
/// <summary>
/// Regenerates the calling user's TFA backup codes (invalidating the previous set) and returns
/// the new ones as <c>{ IsUsed, Code }</c> pairs.
/// NOTE(review): the audit action logged is <c>UserConnectedTfaApp</c> although only the codes
/// change here - confirm whether a more specific action exists.
/// </summary>
/// <returns>List of anonymous objects, one per freshly generated code.</returns>
/// <exception cref="Exception">App settings hidden, or the app not enabled for the caller.</exception>
/// <exception cref="NotSupportedException">Caller is a visitor or outsider account.</exception>
public IEnumerable<object> TfaAppRequestNewCodes()
{
    var me = CoreContext.UserManager.GetUsers(Tenant.TenantId, SecurityContext.CurrentAccount.ID);

    var appAvailable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(me.ID);
    if (!appAvailable)
    {
        throw new Exception(Resource.TfaAppNotAvailable);
    }

    var limitedAccount = me.IsVisitor(Tenant) || me.IsOutsider(Tenant);
    if (limitedAccount)
    {
        throw new NotSupportedException("Not available.");
    }

    var fresh = from entry in me.GenerateBackupCodes()
                select new { entry.IsUsed, entry.Code };
    var result = fresh.ToList();

    MessageService.Send(MessageAction.UserConnectedTfaApp, MessageTarget.Create(me.ID), me.DisplayUserName(false));
    return result;
}
/// <summary>
/// Builds the user-profile page: resolves the profile being viewed (defaults to the signed-in
/// account), computes the viewer's role flags, binds contact lists and loads the edit/email/photo/
/// mobile/TFA sub-controls according to what the viewer is allowed to do.
/// </summary>
/// <param name="sender">ASP.NET event source (unused).</param>
/// <param name="e">ASP.NET event args (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (UserProfileHelper == null)
    {
        UserProfileHelper = new ProfileHelper(SecurityContext.CurrentAccount.ID.ToString());
    }
    UserInfo = UserProfileHelper.UserInfo;
    ShowSocialLogins = UserInfo.IsMe();
    EnableOauth = CoreContext.Configuration.Standalone || CoreContext.TenantManager.GetTenantQuota(TenantProvider.CurrentTenantID).Oauth;
    TariffPageLink = TenantExtra.GetTariffPageLink();
    // Viewer (not profile owner) flags: full admin or People product admin counts as admin.
    IsAdmin = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsAdmin() || WebItemSecurity.IsProductAdministrator(WebItemManager.PeopleProductID, SecurityContext.CurrentAccount.ID);
    IsVisitor = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).IsVisitor();
    // Non-admins may only see active profiles; endResponse is true, so nothing below runs in that case.
    if (!IsAdmin && (UserInfo.Status != EmployeeStatus.Active))
    {
        Response.Redirect(CommonLinkUtility.GetFullAbsolutePath("~/Products/People/"), true);
    }
    Role = GetRole();
    Actions = new AllowedActions(UserInfo);
    LdapFields = ASC.ActiveDirectory.Base.Settings.LdapSettings.GetImportedFields;
    HappyBirthday = CheckHappyBirthday();
    ContactPhones.DataSource = UserProfileHelper.Phones;
    ContactPhones.DataBind();
    ContactEmails.DataSource = UserProfileHelper.Emails;
    ContactEmails.DataBind();
    ContactMessengers.DataSource = UserProfileHelper.Messengers;
    ContactMessengers.DataBind();
    ContactSoccontacts.DataSource = UserProfileHelper.Contacts;
    ContactSoccontacts.DataBind();
    _deleteProfileContainer.Options.IsPopup = true;
    Page.RegisterStyle("~/UserControls/Users/UserProfile/css/userprofilecontrol_style.less")
        .RegisterBodyScripts(VirtualPathUtility.ToAbsolute("~/UserControls/Users/UserProfile/js/userprofilecontrol.js"));
    // Password tool only for viewers allowed to edit this profile.
    if (Actions.AllowEdit)
    {
        _editControlsHolder.Controls.Add(LoadControl(PwdTool.Location));
    }
    // E-mail change: editors, or an admin looking at the owner's profile.
    if (Actions.AllowEdit || (UserInfo.IsOwner() && IsAdmin))
    {
        var control = (UserEmailChange)LoadControl(UserEmailChange.Location);
        control.UserInfo = UserInfo;
        control.RegisterStylesAndScripts = false;
        userEmailChange.Controls.Add(control);
    }
    // Linked social accounts are shown only on the viewer's own profile.
    if (ShowSocialLogins && AccountLinkControl.IsNotEmpty)
    {
        var accountLink = (AccountLinkControl)LoadControl(AccountLinkControl.Location);
        accountLink.ClientCallback = "loginCallback";
        accountLink.SettingsView = true;
        _accountPlaceholder.Controls.Add(accountLink);
    }
    var emailControl = (UserEmailControl)LoadControl(UserEmailControl.Location);
    emailControl.User = UserInfo;
    emailControl.Viewer = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
    _phEmailControlsHolder.Controls.Add(emailControl);
    var photoControl = (LoadPhotoControl)LoadControl(LoadPhotoControl.Location);
    photoControl.User = UserInfo;
    loadPhotoWindow.Controls.Add(photoControl);
    if (UserInfo.IsMe() && SetupInfo.EnabledCultures.Count > 1)
    {
        _phLanguage.Controls.Add(LoadControl(UserLanguage.Location));
    }
    // Primary mobile is shown when a number exists or on one's own profile; the change control
    // is withheld when the number is mastered by LDAP (attribute in the imported field list).
    if ((UserInfo.IsLDAP() && !String.IsNullOrEmpty(UserInfo.MobilePhone)) || !String.IsNullOrEmpty(UserInfo.MobilePhone) || UserInfo.IsMe())
    {
        ShowPrimaryMobile = true;
        if (Actions.AllowEdit && (!UserInfo.IsLDAP() || UserInfo.IsLDAP() && !LdapFields.Contains(LdapMapping.MobilePhoneAttribute)))
        {
            var changeMobile = (ChangeMobileNumber)LoadControl(ChangeMobileNumber.Location);
            changeMobile.User = UserInfo;
            ChangeMobileHolder.Controls.Add(changeMobile);
        }
    }
    // TFA app section: the reset dialog is offered to the owner and to admins; the backup-codes
    // dialog only to the owner, so an admin never sees another user's codes from this page.
    if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable && TfaAppUserSettings.EnableForUser(UserInfo.ID) && (UserInfo.IsMe() || IsAdmin))
    {
        ShowTfaAppSettings = true;
        if (UserInfo.IsMe() || IsAdmin)
        {
            var resetApp = (ResetAppDialog)LoadControl(ResetAppDialog.Location);
            resetApp.User = UserInfo;
            _backupCodesPlaceholder.Controls.Add(resetApp);
        }
        if (UserInfo.IsMe())
        {
            var showBackup = (ShowBackupCodesDialog)LoadControl(ShowBackupCodesDialog.Location);
            showBackup.User = UserInfo;
            _backupCodesPlaceholder.Controls.Add(showBackup);
        }
    }
    // HappyBirthday is a day offset computed by CheckHappyBirthday(); only 0..3 get a caption.
    if (UserInfo.BirthDate.HasValue)
    {
        switch (HappyBirthday)
        {
            case 0:
                BirthDayText = Resource.DrnToday;
                break;
            case 1:
                BirthDayText = Resource.DrnTomorrow;
                break;
            case 2:
                BirthDayText = Resource.In + " " + DateTimeExtension.Yet(2);
                break;
            case 3:
                BirthDayText = Resource.In + " " + DateTimeExtension.Yet(3);
                break;
            default:
                BirthDayText = String.Empty;
                break;
        }
    }
    if (UserInfo.Status != EmployeeStatus.Terminated)
    {
        Groups = CoreContext.UserManager.GetUserGroups(UserInfo.ID).ToList();
    }
}
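/// <summary>
/// Page-level gatekeeper run before init: wizard completion, authentication, payment status,
/// enforced second-factor enrolment (SMS phone / authenticator app), disabled-module checks and
/// visit statistics. Each gate redirects (or ends the response) and the page never renders.
/// Pages opt out of individual gates through the MayNotAuth / MayNotPaid / MayPhoneNotActivate
/// flags (presumably set by the pages that implement those flows - confirm).
/// </summary>
/// <param name="sender">ASP.NET event source (unused).</param>
/// <param name="e">ASP.NET event args (unused).</param>
protected void Page_PreInit(object sender, EventArgs e)
{
    if (CheckWizardCompleted)
    {
        var wizard = WizardSettings.Load();
        if (!wizard.Completed)
        {
            Response.Redirect("~/Wizard.aspx");
        }
    }

    // Authentication gate. Tenants open to "Anyone" get an outside (guest) sign-in instead of a bounce.
    if (!SecurityContext.IsAuthenticated && !AuthByCookies() && !MayNotAuth)
    {
        if (TenantAccessSettings.Load().Anyone)
        {
            OutsideAuth();
        }
        else
        {
            Session["refererURL"] = GetRefererUrl();
            var authUrl = "~/Auth.aspx";
            if (Request.DesktopApp())
            {
                // Request["desktop"] is caller-controlled. Encode it so the value cannot smuggle
                // extra query parameters or other reserved characters into the login redirect;
                // a plain "true" (and a null value) round-trips unchanged.
                authUrl += "?desktop=" + Server.UrlEncode(Request["desktop"]);
            }
            Response.Redirect(authUrl, true);
        }
    }

    var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

    // Payment gate: unpaid tenants get 402 when the pricing page is hidden from non-admins,
    // otherwise they are sent to the tariff page. Skipped during warm-up requests.
    if (!MayNotPaid && TenantExtra.EnableTarrifSettings
        && (TenantStatisticsProvider.IsNotPaid() || TenantExtra.UpdatedWithoutLicense)
        && WarmUp.Instance.CheckCompleted()
        && Request.QueryString["warmup"] != "true")
    {
        if (TariffSettings.HidePricingPage && !user.IsAdmin())
        {
            Response.StatusCode = (int)HttpStatusCode.PaymentRequired;
            Response.End();
        }
        else
        {
            Response.Redirect(TenantExtra.GetTariffPageLink() + (Request.DesktopApp() ? "?desktop=true" : ""), true);
        }
    }

    // Second-factor enforcement: a signed-in user without an activated phone (when SMS auth is on)
    // or without an enrolled authenticator app (when app auth is on) is pushed into the matching
    // confirmation flow before reaching any page that does not opt out.
    if (!MayPhoneNotActivate && SecurityContext.IsAuthenticated)
    {
        var phoneNotReady = string.IsNullOrEmpty(user.MobilePhone)
            || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated;
        if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable && phoneNotReady)
        {
            Response.Redirect(CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneActivation), true);
        }
        if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable && !TfaAppUserSettings.EnableForUser(user.ID))
        {
            Response.Redirect(CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaActivation), true);
        }
    }

    // Disabled-module gate: a disabled product (or a sub-item whose parent is disabled) is not served.
    var webitem = CommonLinkUtility.GetWebItemByUrl(Request.Url.ToString());
    var parentIsDisabled = false;
    if (webitem != null && webitem.IsSubItem())
    {
        var parentItemID = WebItemManager.Instance.GetParentItemID(webitem.ID);
        parentIsDisabled = WebItemManager.Instance[parentItemID].IsDisabled();
    }
    if (webitem != null && (webitem.IsDisabled() || parentIsDisabled) && !MayNotAuth)
    {
        // The People profile page has a dedicated fallback (own profile); everything else goes home.
        if (webitem.ID == WebItemManager.PeopleProductID && string.Equals(GetType().BaseType.FullName, "ASC.Web.People.Profile"))
        {
            Response.Redirect("~/My.aspx", true);
        }
        Response.Redirect("~/", true);
    }

    // Best-effort visit statistics; a failure here must not break the page.
    if (SecurityContext.IsAuthenticated && !CoreContext.Configuration.Personal)
    {
        try
        {
            StatisticManager.SaveUserVisit(TenantProvider.CurrentTenantID, SecurityContext.CurrentAccount.ID, CommonLinkUtility.GetProductID());
        }
        catch (Exception exc)
        {
            Log.Error("failed save user visit", exc);
        }
    }
}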
/// <summary>
/// Unauthenticated API login. Validates the supplied credentials (password or social/OAuth token)
/// through GetUser, then either asks the client for a second factor - SMS code or authenticator
/// app, handing out the TOTP manual-entry key on first enrolment - or issues the API token.
/// NOTE(review): no throttling is visible in this method; if GetUser does not rate-limit, the
/// endpoint is a password-guessing target - confirm.
/// </summary>
/// <param name="userName">Login (e-mail) for password authentication.</param>
/// <param name="password">Password for password authentication.</param>
/// <param name="provider">Social login provider name, when not using a password.</param>
/// <param name="accessToken">Provider access token for social login.</param>
/// <param name="codeOAuth">OAuth authorization code, when the provider flow uses one.</param>
/// <returns>
/// Token and expiry on success; <c>Sms = true</c> (with phone noise/expiry when a code was sent)
/// or <c>Tfa = true</c> (with <c>TfaKey</c> when the app is not yet enrolled) when a second step is due.
/// </returns>
/// <exception cref="AuthenticationException">Token issuance failed; details are deliberately not exposed.</exception>
[Create(@"", false, false)]
// NOTE: This method doesn't require auth!!!
// NOTE: This method doesn't check payment!!!
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string codeOAuth)
{
    bool viaEmail;
    var user = GetUser(userName, password, provider, accessToken, out viaEmail, codeOAuth);

    // SMS second factor wins over the authenticator app when both are configured.
    var smsRequired = StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable;
    if (smsRequired)
    {
        var phoneNotReady = string.IsNullOrEmpty(user.MobilePhone)
            || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated;
        if (phoneNotReady)
        {
            // No activated phone: the client must enrol one first; no code is sent.
            return new AuthenticationTokenData { Sms = true };
        }
        SmsManager.PutAuthCode(user, false);
        return new AuthenticationTokenData
        {
            Sms = true,
            PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
            Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval)),
        };
    }

    var appRequired = TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable;
    if (appRequired)
    {
        var notYetEnrolled = !TfaAppUserSettings.EnableForUser(user.ID);
        if (notYetEnrolled)
        {
            // First login after enforcement: the TOTP secret is handed to the password-authenticated caller.
            return new AuthenticationTokenData { Tfa = true, TfaKey = user.GenerateSetupCode().ManualEntryKey };
        }
        return new AuthenticationTokenData { Tfa = true };
    }

    try
    {
        var successAction = viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount;
        var token = CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, successAction);
        var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
        var expires = TenantCookieSettings.GetExpiresTime(tenantId);
        return new AuthenticationTokenData { Token = token, Expires = new ApiDateTime(expires) };
    }
    catch
    {
        // Any failure is audited and collapsed into one generic message so nothing leaks to the caller.
        var failAction = viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount;
        MessageService.Send(Request, user.DisplayUserName(false), failAction);
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Presumably undoes the request-level sign-in done by AuthenticateMeAndSetCookies; the
        // client keeps only the returned token - confirm.
        SecurityContext.Logout();
    }
}
/// <summary>
/// Core of the login flow: validates the credentials in <paramref name="auth"/> via GetUser, then
/// either demands a second factor (SMS or authenticator app, together with the confirmation URL the
/// client should open) or issues the auth token and sets the auth cookie.
/// NOTE(review): no throttling is visible here; if GetUser does not rate-limit, this is a
/// password-guessing target - confirm.
/// </summary>
/// <param name="auth">Credentials plus the session flag used when setting the auth cookie.</param>
/// <returns>
/// Token and expiry on success; otherwise a response flagged <c>Sms</c> or <c>Tfa</c> with the
/// matching <c>ConfirmUrl</c> (and <c>TfaKey</c> on first authenticator enrolment).
/// </returns>
/// <exception cref="AuthenticationException">Token issuance failed; details are deliberately not exposed.</exception>
private AuthenticationTokenData AuthenticateMe(AuthModel auth)
{
    bool viaEmail;
    var user = GetUser(auth, out viaEmail);

    if (StudioSmsNotificationSettingsHelper.IsVisibleSettings() && StudioSmsNotificationSettingsHelper.Enable)
    {
        var phoneNotReady = string.IsNullOrEmpty(user.MobilePhone)
            || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated;
        if (phoneNotReady)
        {
            // No activated phone: send the client to phone activation; no code is issued.
            return new AuthenticationTokenData
            {
                Sms = true,
                ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneActivation),
            };
        }
        SmsManager.PutAuthCode(user, false);
        return new AuthenticationTokenData
        {
            Sms = true,
            PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
            Expires = new ApiDateTime(TenantManager, TimeZoneConverter, DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval)),
            ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneAuth),
        };
    }

    if (TfaAppAuthSettings.IsVisibleSettings && SettingsManager.Load<TfaAppAuthSettings>().EnableSetting)
    {
        var enrolled = TfaAppUserSettings.EnableForUser(SettingsManager, user.ID);
        if (enrolled)
        {
            return new AuthenticationTokenData
            {
                Tfa = true,
                ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaAuth),
            };
        }
        // First login after enforcement: the TOTP secret is handed to the password-authenticated caller.
        return new AuthenticationTokenData
        {
            Tfa = true,
            TfaKey = TfaManager.GenerateSetupCode(user).ManualEntryKey,
            ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaActivation),
        };
    }

    try
    {
        var token = SecurityContext.AuthenticateMe(user.ID);
        CookiesManager.SetCookies(CookiesType.AuthKey, token, auth.Session);
        var successAction = viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount;
        MessageService.Send(successAction);
        var tenantId = TenantManager.GetCurrentTenant().TenantId;
        var expires = TenantCookieSettingsHelper.GetExpiresTime(tenantId);
        return new AuthenticationTokenData
        {
            Token = token,
            Expires = new ApiDateTime(TenantManager, TimeZoneConverter, expires),
        };
    }
    catch
    {
        // Any failure is audited and collapsed into one generic message so nothing leaks to the caller.
        var failAction = viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount;
        MessageService.Send(user.DisplayUserName(false, DisplayUserSettingsHelper), failAction);
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Presumably reverts the request-level sign-in from SecurityContext.AuthenticateMe; the
        // client keeps the token/cookie - confirm.
        SecurityContext.Logout();
    }
}