        /// <summary>
        /// Processes a submitted two-factor confirmation code. The caller must hold an
        /// authenticated identity under the two-factor cookie; the code is validated,
        /// removed, and only then is the two-factor cookie signed out and the local
        /// cookie issued.
        /// </summary>
        /// <param name="codeViewModel">Posted form model carrying the confirmation code.</param>
        /// <returns>
        /// The same view with a model error when the model state, the code validation or the
        /// code removal fails; otherwise a redirect to the "Index" action of the "User" controller.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="codeViewModel"/> is null.</exception>
        /// <exception cref="IdentityServerException">
        /// No authenticated identity is present under the two-factor cookie.
        /// </exception>
        public async Task<ActionResult> SendCode(CodeViewModel codeViewModel)
        {
            if (codeViewModel == null)
            {
                throw new ArgumentNullException(nameof(codeViewModel));
            }

            await SetUser();

            // Model binding / validation errors: show the form again, nothing else is touched.
            if (!ModelState.IsValid)
            {
                await TranslateView(DefaultLanguage);
                return View(codeViewModel);
            }

            // Step 1: the first factor must already have succeeded, which is represented by an
            // authenticated identity stored under the two-factor cookie.
            var twoFactorPrincipal = await _authenticationService.GetAuthenticatedUser(
                this,
                SimpleIdentityServer.Host.Constants.TwoFactorCookieName);
            var firstFactorPassed = twoFactorPrincipal != null
                && twoFactorPrincipal.Identity != null
                && twoFactorPrincipal.Identity.IsAuthenticated;

            if (!firstFactorPassed)
            {
                throw new IdentityServerException(
                    SimpleIdentityServer.Core.Errors.ErrorCodes.UnhandledExceptionCode,
                    SimpleIdentityServer.Core.Errors.ErrorDescriptions.TwoFactorAuthenticationCannotBePerformed);
            }

            // Step 2: check the submitted code.
            // NOTE(review): only the code itself is passed to ValidateCode; whether the lookup is
            // bound to the subject held in the two-factor cookie cannot be seen from here. Confirm
            // that a code issued for one account is not accepted for another.
            // NOTE(review): no attempt counter or lockout is visible in this action; verify that
            // repeated submissions are throttled elsewhere.
            var codeAccepted = await _authenticateActions.ValidateCode(codeViewModel.Code);
            if (!codeAccepted)
            {
                await TranslateView(DefaultLanguage);

                ModelState.AddModelError("Code", "confirmation code is not valid");

                // NOTE(review): the rejected value is handed to the event source unchanged. A
                // rejected value can be a near miss of a live code, so confirm which sinks receive
                // this event and whether the raw value needs to be recorded at all.
                _simpleIdentityServerEventSource.ConfirmationCodeNotValid(codeViewModel.Code);
                return View(codeViewModel);
            }

            // Step 3: consume the code so it cannot be presented again.
            // NOTE(review): validation and removal are two separate awaited calls. Unless the
            // underlying store enforces single use, two concurrent submissions of the same code
            // could both pass step 2 before either reaches this point. Confirm.
            var codeConsumed = await _authenticateActions.RemoveCode(codeViewModel.Code);
            if (!codeConsumed)
            {
                await TranslateView(DefaultLanguage);

                ModelState.AddModelError("Code", "an error occured while trying to remove the code");
                return View(codeViewModel);
            }

            // Step 4: promote the session. The intermediate two-factor cookie is dropped first,
            // then the local cookie is issued from the claims of the two-factor principal.
            var signOutProperties = new Microsoft.AspNetCore.Authentication.AuthenticationProperties();
            await _authenticationService.SignOutAsync(
                HttpContext,
                SimpleIdentityServer.Host.Constants.TwoFactorCookieName,
                signOutProperties);

            // The second argument is a freshly generated GUID string (presumably a session
            // identifier; verify against SetLocalCookie).
            await SetLocalCookie(twoFactorPrincipal.Claims, Guid.NewGuid().ToString());

            return RedirectToAction("Index", "User");
        }