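/// <summary>
/// Completes a sign-in that is waiting on a second factor: validates the request, resolves the
/// pending two-factor user, registers a session and submits the code to the sign-in manager.
/// </summary>
/// <param name="ip">Client address stored with the newly registered session.</param>
/// <param name="loginWith2FaRequest">Submitted code plus the RememberMe / RememberMachine choices.</param>
/// <returns>
/// <see cref="SignInResult.Failed"/> when the request is invalid, no pending two-factor user exists,
/// the user may not log in, two-factor is not enabled, or the session cannot be registered;
/// otherwise the result returned by <c>TwoFactorSignInAsync</c>.
/// </returns>
public async Task<SignInResult> LoginWith2fa(string ip, LoginWith2faRequest loginWith2FaRequest)
{
    ValidationResult validationResult = _lginwith2faValidator.Validate(loginWith2FaRequest);
    if (!validationResult.IsValid)
    {
        _logger.LogError($"Invalid LoginWith2faRequest");
        return SignInResult.Failed;
    }

    // Strip spaces and dashes so a code typed with separators still matches.
    string code = loginWith2FaRequest.Code.Replace(" ", string.Empty).Replace("-", string.Empty);

    AppUserEntity appUser = await _signInManager.GetTwoFactorAuthenticationUserAsync();
    if (appUser == null)
    {
        _logger.LogError($"No user for Twofactor login");
        return SignInResult.Failed;
    }

    if (!appUser.CanLogin())
    {
        _logger.LogInformation($"User is not allowd to login. User {appUser.Id}");
        return SignInResult.Failed;
    }

    if (!appUser.TwoFactorEnabled || appUser.TwoFactor == TwoFactorAuthenticationType.None)
    {
        _logger.LogError($"Use does not have 2fa enabled. User {appUser.Id}");
        return SignInResult.Failed;
    }

    // The session is registered before the code is verified, so every failure path below
    // has to end it again.
    appUser.SessionCode = Guid.NewGuid().ToString();
    Result addSessionResult = _sessionService.Add(appUser.SessionCode, appUser.Id, ip);
    if (addSessionResult.Failure)
    {
        return SignInResult.Failed;
    }

    SignInResult signInResult = await _signInManager.TwoFactorSignInAsync(
        appUser.TwoFactor.ToProvider(),
        code,
        loginWith2FaRequest.RememberMe,
        loginWith2FaRequest.RememberMachine);

    if (!signInResult.Succeeded)
    {
        _logger.LogError($"Faild to log in user with TwoFactorAuthenticator");
        _sessionService.Logout(appUser.SessionCode, appUser.Id, SessionEndTypes.InvlidTwoFactorLogin);

        // Return here: falling through would also write the "loged in" entry below and record a
        // rejected second factor as a successful login in the audit trail.
        return signInResult;
    }

    _logger.LogInformation($"User loged in with 2fa. UserId {appUser.Id}");
    return signInResult;
}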
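/// <summary>
/// Handles the return from an external login provider and signs in the local user linked to
/// that external login.
/// </summary>
/// <param name="remoteError">
/// Error text reported for the external login, or null/empty when there was none. It is
/// presumably taken from the provider redirect, so it is treated as untrusted here.
/// </param>
/// <returns>
/// A failed <c>Result</c> when the provider reported an error, the external login info is missing
/// or the user may not log in; <c>Result.Ok(SignInResult.Failed)</c> when no local user is linked
/// to the external login; otherwise <c>Result.Ok</c> wrapping the outcome of
/// <c>ExternalLoginSignInAsync</c>.
/// </returns>
public async Task<Result<SignInResult>> Callback(string remoteError)
{
    if (!string.IsNullOrEmpty(remoteError))
    {
        // Remove line breaks before logging so the value cannot start a forged log entry.
        string loggedError = remoteError.Replace("\r", string.Empty).Replace("\n", string.Empty);
        _logger.LogError($"External login provider returned error. Error {loggedError}");

        // The unmodified text is still handed back to the caller (interface unchanged);
        // whatever renders it must encode it for its output context.
        return Result.Fail<SignInResult>("external_login_provider_error", remoteError);
    }

    ExternalLoginInfo externalLoginInfo = await _signInManager.GetExternalLoginInfoAsync();
    if (externalLoginInfo == null)
    {
        _logger.LogError($"Error getting external login info");
        return Result.Fail<SignInResult>("failed_to_get_external_longin_info", "Failed to get external login info");
    }

    // The lookup is by provider + provider key, i.e. by linked external login rather than by
    // e-mail, despite the wording of the log message below.
    AppUserEntity appUser = await _userManager.FindByLoginAsync(
        externalLoginInfo.LoginProvider,
        externalLoginInfo.ProviderKey);
    if (appUser == null)
    {
        _logger.LogInformation($"Users email does not exist");
        return Result.Ok(SignInResult.Failed);
    }

    // End the session carried by the current principal, if any, before signing in again.
    string sessionCode = _httpContextAccessor.HttpContext.User.GetSessionCode();
    if (sessionCode != null)
    {
        _sessionService.Logout(sessionCode, appUser.Id, SessionEndTypes.Expired);
    }

    if (!appUser.CanLogin())
    {
        _logger.LogInformation($"User is not allowed to login. User {appUser.Id}");
        return Result.Fail<SignInResult>("no_user", "No user");
    }

    // NOTE(review): unlike the password and 2FA paths, no new session code is assigned or
    // registered with _sessionService here - confirm where external sign-ins get their session.
    SignInResult signInResult = await _signInManager.ExternalLoginSignInAsync(
        loginProvider: externalLoginInfo.LoginProvider,
        providerKey: externalLoginInfo.ProviderKey,
        isPersistent: false,
        bypassTwoFactor: _identityOptions.BypassTwoFactorOnExternalLogin);

    return Result.Ok(signInResult);
}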
/// <summary>
/// Re-establishes a login for a user after a password change or a 2fa change.
/// No credential is checked here, so the caller must already have authenticated the user.
/// The current principal is signed out first and stays signed out on every failure path.
/// </summary>
/// <param name="userId">Id of the user to sign in.</param>
/// <param name="sessionCode">Session to end before the new one is registered; null skips that step.</param>
/// <param name="ip">Client address stored with the newly registered session.</param>
/// <returns>
/// <c>Result.Ok()</c> once the user is signed in; a failed <c>Result</c> with key "error" when the
/// user is unknown, may not log in, or the session cannot be registered.
/// </returns>
public async Task<Result> Login(string userId, string sessionCode, string ip)
{
    await _signInManager.SignOutAsync();

    AppUserEntity account = await _userManager.FindByIdAsync(userId);
    if (account is null)
    {
        _logger.LogInformation($"No user with username {userId}");
        return Result.Fail("error", "Error");
    }

    // The old session is closed even when the login is refused further down.
    if (sessionCode != null)
    {
        _sessionService.Logout(sessionCode, account.Id, SessionEndTypes.SecurityCodeChange);
    }

    bool loginPermitted = account.CanLogin();
    if (!loginPermitted)
    {
        _logger.LogInformation($"User is not allowd to login. User {account.Id}");
        return Result.Fail("error", "Error");
    }

    // Issue a fresh session code and register it before signing the user in.
    account.SessionCode = Guid.NewGuid().ToString();
    if (_sessionService.Add(account.SessionCode, account.Id, ip).Failure)
    {
        return Result.Fail("error", "error");
    }

    await _signInManager.SignInAsync(account, isPersistent: false);

    _logger.LogInformation($"User loged in. UserId {account.Id}");
    return Result.Ok();
}
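/// <summary>
/// Password login: validates the request, signs out the current principal, ends the previous
/// session, registers a new one and checks the password through the sign-in manager.
/// </summary>
/// <param name="ip">Client address stored with the newly registered session.</param>
/// <param name="sessionCode">Session to end before the new one is registered; null skips that step.</param>
/// <param name="login">Submitted user name, password and RememberMe choice.</param>
/// <returns>
/// <see cref="SignInResult.Failed"/> when the request is invalid, the user is unknown or may not
/// log in, or the session cannot be registered; otherwise the result of <c>PasswordSignInAsync</c>.
/// </returns>
public async Task<SignInResult> Login(string ip, string sessionCode, LoginRequest login)
{
    // The user name is caller-supplied and is logged below; remove line breaks first so it
    // cannot start a forged log entry. The password is never logged.
    string loggedUserName = login?.UserName?.Replace("\r", string.Empty).Replace("\n", string.Empty);

    ValidationResult validationResult = _loginValidator.Validate(login);
    if (!validationResult.IsValid)
    {
        _logger.LogError($"Invalid LoginRequest. UserName {loggedUserName}");
        return SignInResult.Failed;
    }

    await _signInManager.SignOutAsync();

    AppUserEntity appUser = await _userManager.FindByNameAsync(login.UserName);
    if (appUser == null)
    {
        _logger.LogInformation($"No user with username {loggedUserName}");
        return SignInResult.Failed;
    }

    // NOTE(review): this ends the session named by sessionCode before the password is checked;
    // confirm _sessionService.Logout ignores codes that do not belong to appUser.Id.
    if (sessionCode != null)
    {
        _sessionService.Logout(sessionCode, appUser.Id, SessionEndTypes.Expired);
    }

    if (!appUser.CanLogin())
    {
        _logger.LogInformation($"User is not allowd to login. User {appUser.Id}");
        return SignInResult.Failed;
    }

    // The session is registered before the password is verified, so every non-success
    // outcome below has to end it again.
    appUser.SessionCode = Guid.NewGuid().ToString();
    Result addSessionResult = _sessionService.Add(appUser.SessionCode, appUser.Id, ip);
    if (addSessionResult.Failure)
    {
        return SignInResult.Failed;
    }

    // lockoutOnFailure asks the sign-in manager to count this attempt toward account lockout.
    SignInResult result = await _signInManager.PasswordSignInAsync(
        appUser,
        login.Password,
        login.RememberMe,
        lockoutOnFailure: true);

    if (!result.Succeeded)
    {
        if (result.RequiresTwoFactor)
        {
            // Password accepted, second factor pending: close this session with its own end
            // type only. Previously this case fell through into the invalid-login branch,
            // ending the session twice and logging a failure.
            _logger.LogInformation($"Login Requires TwoFactor. User {appUser.Id}");
            _sessionService.Logout(appUser.SessionCode, appUser.Id, SessionEndTypes.TwoFactorLogin);
        }
        else
        {
            if (result.IsLockedOut)
            {
                // Lockouts are a brute-force signal, so record them explicitly.
                _logger.LogWarning($"User is locked out. User {appUser.Id}");
            }
            else
            {
                _logger.LogInformation($"Faild to log in user. User {appUser.Id}");
            }

            // Also end the session for a locked-out account; it was previously left
            // registered although no login took place.
            _sessionService.Logout(appUser.SessionCode, appUser.Id, SessionEndTypes.InvalidLogin);
        }

        return result;
    }

    _logger.LogInformation($"User loged in. UserId {appUser.Id}");
    return result;
}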