public async Task <ActionResult> BeginDelistingCurrency(UpdateListingStatusModel model) { if (!ModelState.IsValid) { return(View("DelistCurrencyModal", model)); } if (model.DelistOn == null) { ModelState.AddModelError(nameof(model.DelistOn), "A delist date is required"); return(View("DelistCurrencyModal", model)); } var isAuthenticated = await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(AuthenticatedFeatureType.Delisting, model.TwoFactorCode); if (!isAuthenticated) { ModelState.AddModelError(nameof(model.TwoFactorCode), "Invalid code"); return(View("DelistCurrencyModal", model)); } var result = await AdminCurrencyWriter.BeginDelistingCurrency(User.Identity.GetUserId(), model); if (!ModelState.IsWriterResultValid(result)) { return(View("DelistCurrencyModal", model)); } return(CloseModalSuccess(result.Message)); }
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl) { #if !DEBUG if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", "Invalid reCaptcha"); return(View(model)); } if (!ModelState.IsValid) { return(View(model)); } #endif var user = await UserManager.FindByEmailAsync(model.EmailAddress); if (user == null || user.IsDisabled || !await UserManager.IsInRoleAsync(user.Id, "Admin") || !await UserManager.CheckPasswordAsync(user, model.Password)) { ModelState.AddModelError("", "Email or password was invalid."); return(View(model)); } // is the user locked out if (await UserManager.IsLockedOutAsync(user.Id)) { ModelState.AddModelError("", "Locked Out."); return(View(model)); } await UserSyncService.SyncUser(user.Id); await UserManager.ResetAccessFailedCountAsync(user.Id); #if !DEBUG if (!await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(user.Id, model.TwoFactor)) { ModelState.AddModelError("", "Two factor token incorrect."); return(View(model)); } #endif await SignInAsync(user, false); if (string.IsNullOrEmpty(returnUrl)) { return(RedirectToAction("Index", "Support")); } return(RedirectToLocal(returnUrl)); }
public async Task <bool> VerifyUserTwoFactorCodeAsync(TwoFactorComponent component, string userid, string data, string data2) { var user = await FindByIdAsync(userid); if (user == null) { return(false); } var twofactorMethod = user.TwoFactor.FirstOrDefault(x => x.Component == component); if (twofactorMethod == null || twofactorMethod.Type == TwoFactorType.None) { return(true); } if (twofactorMethod.Type == TwoFactorType.PinCode) { return(twofactorMethod.Data == data); } if (twofactorMethod.Type == TwoFactorType.EmailCode) { return(await VerifyTwoFactorTokenAsync(userid, twofactorMethod.Type.ToString(), data)); } if (twofactorMethod.Type == TwoFactorType.GoogleCode) { return(GoogleAuthenticationHelper.VerifyGoogleTwoFactorCode(twofactorMethod.Data, data)); } if (twofactorMethod.Type == TwoFactorType.CryptopiaCode) { return(await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(userid, data)); } if (twofactorMethod.Type == TwoFactorType.Password) { return(PasswordHasher.VerifyHashedPassword(user.PasswordHash, data) != PasswordVerificationResult.Failed); } if (twofactorMethod.Type == TwoFactorType.Question) { return(data.Equals(twofactorMethod.Data2, StringComparison.OrdinalIgnoreCase) && data2.Equals(twofactorMethod.Data4, StringComparison.OrdinalIgnoreCase)); } return(false); }
public async Task <ActionResult> BlockIpAddress(BlockIpAddressModel model) { if (!ModelState.IsValid) { return(View("BlockIpAddressModal", model)); } if (!await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(AuthenticatedFeatureType.BlacklistIP, model.AuthenticationCode)) { ModelState.AddModelError("", "Two factor token incorrect."); return(View("BlockIpAddressModal", model)); } await Writer.BlacklistIpAddress(User.Identity.GetUserId(), model.Address); return(CloseModalSuccess($"Ip Address {model.Address} successfully blocked.")); }
public async Task <ActionResult> VerifyCryptopiaCode(string serialNumber, string code) { var userId = User.Identity.GetUserId(); using (var context = new ApplicationDbContext()) { if (!await context.TwoFactorCode.AnyAsync(x => x.UserId == userId && x.SerialNumber == serialNumber)) { return(JsonError(Resources.Authorization.twoFactorCryptopiaInvalidSerialError)); } } if (await CryptopiaAuthenticationHelper.VerifyTwoFactorCode(User.Identity.GetUserId(), code)) { return(JsonSuccess(Resources.Authorization.twoFactorCryptopiaActivatedMessage)); } return(JsonError(Resources.Authorization.twoFactorCryptopiaInvaidCodeError)); }
public async Task <ActionResult> Contact(ContactModel model) { if (!ModelState.IsValid) { return(View(model)); } if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", Resources.Home.contactReCaptchaError); return(View(model)); } if (!await SendSystemEmailAsync(EmailTemplateType.ContactRequest, SystemEmailType.Email_Contact, model.Email, model.Subject, model.Message)) { ModelState.AddModelError("", Resources.Home.contactFailedMessage); return(View(model)); } ModelState.AddModelError("Success", Resources.Home.contactSuccessMessage); return(RedirectToAction("Contact", new { success = true })); }
public async Task <ActionResult> ForgotPassword(ForgotPasswordViewModel model) { if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", Resources.Authorization.reCaptchaError); return(View(model)); } if (!ModelState.IsValid) { return(View(model)); } if (ModelState.IsValid) { var message = new ViewMessageModel(ViewMessageType.Info, Resources.Authorization.resetTitle, Resources.Authorization.resetMessage); var user = await UserManager.FindByEmailAsync(model.Email); if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id)) || user.IsDisabled) { // Don't reveal that the user does not exist or is not confirmed return(ViewMessage(message)); } var resetPasswordToken = Url.Action("ResetPassword", "Login", new { code = await UserManager.GeneratePasswordResetTokenAsync(user.Id) }, protocol: Request.Url.Scheme); await SendEmailAsync(EmailTemplateType.PasswordReset, null, user.Email, user.Id, user.UserName, resetPasswordToken); return(ViewMessage(message)); } // If we got this far, something failed, redisplay form return(View(model)); }
public async Task <ActionResult> SendSupportRequest(SupportModel model) { if (!ModelState.IsValid) { return(View("Support", model)); } if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", Resources.Support.supportReCaptchaError); return(View("Support", model)); } if (!await SendSystemEmailAsync(EmailTemplateType.SupportRequest, SystemEmailType.Email_System, model.Email, model.Subject, model.Message)) { model.IsError = true; model.Result = Resources.Support.supportFailedError; return(View("Support", model)); } ModelState.Clear(); return(View("Support", new SupportModel { Result = Resources.Support.supportSuccessMessage })); }
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl) { if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", Resources.Authorization.reCaptchaError); return(View(model)); } if (!ModelState.IsValid) { return(View(model)); } var user = await UserManager.FindByEmailAsync(model.EmailAddress); if (user != null && !user.IsDisabled) { // is the users email confirmed if (!await UserManager.IsEmailConfirmedAsync(user.Id)) { ModelState.AddModelError("", Resources.Authorization.loginConfirmationEmailSentMessage); return(View(model)); } // is the user locked out if (await UserManager.IsLockedOutAsync(user.Id)) { var expires = user.LockoutEndDateUtc.HasValue ? (user.LockoutEndDateUtc.Value - DateTime.UtcNow).ToReadableString() : TimeSpan.FromHours(24).ToReadableString(); ModelState.AddModelError("", Resources.Authorization.loginAccountIsLockedError); ModelState.AddModelError("", Resources.Authorization.loginAccountLockExpiresError + ' ' + expires); return(View(model)); } // is the password correct if (await UserManager.CheckPasswordAsync(user, model.Password)) { await UserSyncService.SyncUser(user.Id); await UserManager.ResetAccessFailedCountAsync(user.Id); var loginTwoFactor = user.TwoFactor.FirstOrDefault(x => x.Component == TwoFactorComponent.Login); if (loginTwoFactor != null && loginTwoFactor.Type != TwoFactorType.None) { SetTwoFactorLoginAuthCookie(user.Id); if (loginTwoFactor.Type == TwoFactorType.EmailCode) { var code = await GenerateUserTwoFactorCodeAsync(TwoFactorType.EmailCode, user.Id, true); await SendEmailAsync(EmailTemplateType.TwoFactorLogin, null, loginTwoFactor.Data, user.Id, user.UserName, code); } return(RedirectToAction("VerifyLoginTwoFactor")); } // No twofactor just sign in await SignInAsync(user, false); if (string.IsNullOrEmpty(returnUrl)) { return(RedirectToAction("Index", "Home")); } return(RedirectToLocal(returnUrl)); } else { await UserManager.AccessFailedAsync(user.Id); if (await UserManager.IsLockedOutAsync(user.Id)) { await HandleAccountLockout(user); return(View(model)); } ModelState.AddModelError("", string.Format(Resources.Authorization.loginFailedError, UserManager.MaxFailedAccessAttemptsBeforeLockout - user.AccessFailedCount)); await SendEmailAsync(EmailTemplateType.LogonFail, null, user.Email, user.Id, user.UserName, user.AccessFailedCount, UserManager.MaxFailedAccessAttemptsBeforeLockout - user.AccessFailedCount); return(View(model)); } } // If we got this far, something failed, redisplay form ModelState.AddModelError("", Resources.Authorization.loginFailedError); return(View(model)); }
public async Task <ActionResult> Register(RegisterViewModel model) { if (!CryptopiaAuthenticationHelper.ValidateCaptcha()) { ModelState.AddModelError("", Resources.Authorization.reCaptchaError); return(View(model)); } if (!ModelState.IsValid) { return(View(model)); } var existing = await UserManager.FindByHandleAsync(model.UserName); if (existing != null) { ModelState.AddModelError("", string.Format(Resources.Authorization.registerUserNameExistsError, model.UserName)); return(View(model)); } var baseEmail = model.EmailAddress.Split('@'); if (baseEmail != null && baseEmail.Any() && baseEmail.Count() == 2) { var cleanEmail = string.Format("{0}@{1}", baseEmail[0].Replace(".", ""), baseEmail[1]); var existinEmail = await UserManager.FindByEmailAsync(cleanEmail); if (existinEmail != null) { ModelState.AddModelError("", string.Format(Resources.Authorization.registerEmailExistsError, model.EmailAddress)); return(View(model)); } } var user = new ApplicationUser { UserName = model.UserName, Email = model.EmailAddress, ChatHandle = model.UserName, MiningHandle = model.UserName, RegisterDate = DateTime.UtcNow, Referrer = string.IsNullOrEmpty(model.Referrer) ? "System" : model.Referrer, DisableWithdrawEmailConfirmation = false, DisableRewards = true, DisableLogonEmail = true, IsUnsafeWithdrawEnabled = true, VerificationLevel = VerificationLevel.Level1 }; user.Settings = new UserSettings { HideZeroBalance = false, ShowFavoriteBalance = false, Theme = SiteTheme.Light, Id = user.Id, DefaultMineShaft = 0, DefaultTradepair = 0 }; user.Profile = new UserProfile { Id = user.Id, IsPublic = false }; user.TwoFactor = new List <UserTwoFactor>(); foreach (TwoFactorComponent twoFactorComponent in Enum.GetValues(typeof(TwoFactorComponent))) { user.TwoFactor.Add(new UserTwoFactor { UserId = user.Id, Component = twoFactorComponent, Type = TwoFactorType.PinCode, IsEnabled = true, Data = model.PinCode }); } var result = await UserManager.CreateAsync(user, model.Password); if (result.Succeeded) { string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id); var callbackUrl = Url.Action("RegisterConfirmEmail", "Login", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme); if (await SendEmailAsync(EmailTemplateType.Registration, null, user.Email, user.Id, user.UserName, callbackUrl)) { return(ViewMessage(new ViewMessageModel(ViewMessageType.Info, Resources.Authorization.registerEmailConfirmationTitle, string.Format(Resources.Authorization.registerEmailConfirmationMessage, user.Email)))); } ModelState.AddModelError("", Resources.Authorization.registerEmailConfirmationError); } AddErrors(result); return(View(model)); }