Esempio n. 1
0
        public async Task <WebStatus> AuthenticatePasswordAsync(AuthenticatePasswordInputModel model)
        {
            _logger.LogDebug("Begin password authentication for {0}", model.Username);

            var genericErrorMessage = _localizer["The username or password wasn't right."];
            var userResponse        = await _userStore.GetUserByUsernameAsync(model.Username);

            if (userResponse.HasError)
            {
                await _eventNotificationService.NotifyEventAsync(model.Username, EventType.AccountNotFound, nameof(AuthenticatePasswordAsync));

                _logger.LogDebug("User not found: {0}", model.Username);
                return(Unauthenticated(genericErrorMessage));
            }

            var user = userResponse.Result;

            var trustedBrowserResponse = await _trustedBrowserStore.GetTrustedBrowserAsync(user.SubjectId, _httpContext.Request.GetBrowserId());

            var passwordLockMode = trustedBrowserResponse.IsOk ? PasswordLockMode.TrustedClient : PasswordLockMode.UntrustedClient;

            var checkPasswordStatus = await _passwordService.CheckPasswordAsync(user.SubjectId, model.Password, passwordLockMode);

            _logger.LogDebug(checkPasswordStatus.Text);
            if (checkPasswordStatus.IsOk)
            {
                await _eventNotificationService.NotifyEventAsync(user.Email, EventType.SignInSuccess, SignInType.Password.ToString());

                return(await SignInAndRedirectAsync(SignInMethod.Password, model.Username, model.StaySignedIn, model.NextUrl, null));
            }
            switch (checkPasswordStatus.StatusCode)
            {
            case CheckPasswordStatusCode.TemporarilyLocked:
                return(Unauthenticated(_localizer["Your password is temporarily locked. Use a one time code to sign in."]));

            case CheckPasswordStatusCode.PasswordIncorrect:
            case CheckPasswordStatusCode.NotFound:
                await _eventNotificationService.NotifyEventAsync(user.Email, EventType.SignInFail, $"{SignInType.Password} {checkPasswordStatus.StatusCode}");

                return(Unauthenticated(genericErrorMessage));

            default:
                return(ServerError(_localizer["Hmm. Something went wrong. Please try again."]));
            }
        }
Esempio n. 2
0
        public async Task <WebStatus> AuthenticateAsync(AuthenticatePasswordInputModel model)
        {
            _logger.LogDebug("Begin authentication for {0}", model.Username);

            var oneTimeCode = model.Password.Replace(" ", "");

            if (oneTimeCode.Length == PasswordlessLoginConstants.OneTimeCode.ShortCodeLength && oneTimeCode.All(Char.IsDigit))
            {
                _logger.LogDebug("Password was a one time code.");
                var input = new AuthenticateInputModel()
                {
                    Username     = model.Username,
                    OneTimeCode  = oneTimeCode,
                    StaySignedIn = model.StaySignedIn
                };
                return(await AuthenticateCodeAsync(input));
            }
            else
            {
                _logger.LogDebug("Password was not a six-digit number");
                return(await AuthenticatePasswordAsync(model));
            }
        }