public ActionResult Add(GoogleAuthenticatorModel model)
{
if (ModelState.IsValid)
{
var tokenCookie = Request.Cookies[Constants.COOKIE_NAME];
if (tokenCookie == null)
{
return(SignOut());
}
var api = new MultiFactorSelfServiceApiClient(tokenCookie.Value);
try
{
var result = api.AddTotpAuthenticator(model.Key, model.Otp);
if (result.Success)
{
return(RedirectToAction("Index", "Home"));
}
ModelState.AddModelError("Otp", Resources.Totp.WrongOtp);
}
catch (UnauthorizedException)
{
return(SignOut());
}
}
return(View("Index", model));
}
public IActionResult LRMfaAuth([FromBody] GoogleAuthenticatorModel googleAuth, [FromQuery(Name = "multi_factor_auth_token")] String secondFactorAuthToken)
{
var apiresponse = new MultiFactorAuthenticationApi().MFAValidateGoogleAuthCode(googleAuth.googleauthenticatorcode, secondFactorAuthToken);
if (apiresponse.RestException != null)
{
return(StatusCode(400, Json(apiresponse.RestException)));
}
return(Json(apiresponse.Response));
}
public IActionResult LRMfaEnableGoogle([FromBody] GoogleAuthenticatorModel googleAuthenticatorCode, [FromQuery(Name = "auth")] String accessToken)
{
var apiresponse = new MultiFactorAuthenticationApi().MFAValidateGoogleAuthCode(accessToken, googleAuthenticatorCode.googleauthenticatorcode);
if (apiresponse.RestException != null)
{
return(StatusCode(400, Json(apiresponse.RestException)));
}
return(Json(apiresponse.Response));
}
public IActionResult GoogleAuthenticatorDelete(GoogleAuthenticatorModel model)
{
if (!ModelState.IsValid)
{
return(ErrorJson(ModelState.SerializeErrors()));
}
//delete configuration
var configuration = _googleAuthenticatorService.GetConfigurationById(model.Id);
if (configuration != null)
{
_googleAuthenticatorService.DeleteConfiguration(configuration);
}
return(new NullJsonResult());
}
/// <returns>A task that represents the asynchronous operation</returns>
public async Task <IActionResult> GoogleAuthenticatorDelete(GoogleAuthenticatorModel model)
{
if (!ModelState.IsValid)
{
return(ErrorJson(ModelState.SerializeErrors()));
}
//delete configuration
var configuration = await _googleAuthenticatorService.GetConfigurationByIdAsync(model.Id);
if (configuration != null)
{
await _googleAuthenticatorService.DeleteConfigurationAsync(configuration);
}
var customer = await _customerService.GetCustomerByEmailAsync(configuration.Customer) ??
await _customerService.GetCustomerByUsernameAsync(configuration.Customer);
if (customer != null)
{
await _genericAttributeService.SaveAttributeAsync(customer, NopCustomerDefaults.SelectedMultiFactorAuthenticationProviderAttribute, string.Empty);
}
return(new NullJsonResult());
}
public async Task <OperationDataResult <GoogleAuthenticatorModel> > GetGoogleAuthenticator(LoginModel loginModel)
{
// try to sign in with user credentials
var user = await _userManager.FindByNameAsync(loginModel.Username);
if (user == null)
{
return(new OperationDataResult <GoogleAuthenticatorModel>(false,
_localizationService.GetString("UserNameOrPasswordIncorrect")));
}
var signInResult =
await _signInManager.CheckPasswordSignInAsync(user, loginModel.Password, true);
if (!signInResult.Succeeded)
{
if (signInResult.IsLockedOut)
{
return(new OperationDataResult <GoogleAuthenticatorModel>(false,
"Locked Out. Please, try again after 10 min"));
}
// Credentials are invalid, or account doesn't exist
return(new OperationDataResult <GoogleAuthenticatorModel>(false,
_localizationService.GetString("UserNameOrPasswordIncorrect")));
}
// check if two factor is enabled
var isTwoFactorAuthForced = _appSettings.Value.IsTwoFactorForced;
if (!user.TwoFactorEnabled && !isTwoFactorAuthForced)
{
return(new OperationDataResult <GoogleAuthenticatorModel>(true));
}
// generate PSK and barcode
if (!string.IsNullOrEmpty(user.GoogleAuthenticatorSecretKey) && user.IsGoogleAuthenticatorEnabled)
{
return(new OperationDataResult <GoogleAuthenticatorModel>(true, new GoogleAuthenticatorModel()));
}
var psk = KeyGeneration.GenerateRandomKey(20);
var barcodeUrl = KeyUrl.GetTotpUrl(psk, user.UserName) + "&issuer=EformApplication";
var model = new GoogleAuthenticatorModel
{
PSK = Base32.ToBase32String(psk),
BarcodeUrl = HttpUtility.UrlEncode(barcodeUrl)
};
// write PSK to the user entity
user.GoogleAuthenticatorSecretKey = model.PSK;
var updateResult = _userManager.UpdateAsync(user).Result;
if (!updateResult.Succeeded)
{
return(new OperationDataResult <GoogleAuthenticatorModel>(false,
_localizationService.GetString("ErrorWhileUpdatingPSK")));
}
// return
return(new OperationDataResult <GoogleAuthenticatorModel>(true, model));
}
