/// <summary>
/// Completes an SMS-based API login: resolves the user through <c>GetUser</c>,
/// checks the SMS code and returns an authentication token.
/// </summary>
/// <param name="userName">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="password">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="provider">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="accessToken">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="code">SMS code handed to <c>SmsManager.ValidateSmsCode</c>.</param>
/// <returns>Token, its expiry, <c>Sms = true</c> and the phone noise for the user's mobile phone.</returns>
/// <exception cref="AuthenticationException">
/// Thrown with a fixed message for any failure inside the try block.
/// </exception>
/// <remarks>
/// NOTE: this method does not require auth.
/// NOTE: this method does not check payment.
/// NOTE(review): the first factor is assumed to be verified inside GetUser, which is not
/// visible here; confirm that it throws on bad credentials before the code is checked.
/// NOTE(review): no attempt limiting is visible in this method; presumably
/// SmsManager.ValidateSmsCode bounds the number of guesses per user. Verify.
/// </remarks>
[Create(@"{code}", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code)
{
    bool isEmailLogin; // demanded by GetUser's signature; not read in this method
    var account = GetUser(userName, password, provider, accessToken, out isEmailLogin);

    try
    {
        // The token is created only after the code check returns without throwing.
        SmsManager.ValidateSmsCode(account, code);

        var authToken = SecurityContext.AuthenticateMe(account.ID);
        MessageService.Send(Request, MessageAction.LoginSuccessViaApiSms);

        var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
        var expiresAt = TenantCookieSettings.GetExpiresTime(tenantId);

        var response = new AuthenticationTokenData();
        response.Token = authToken;
        response.Expires = new ApiDateTime(expiresAt);
        response.Sms = true;
        response.PhoneNoise = SmsSender.BuildPhoneNoise(account.MobilePhone);
        return response;
    }
    catch
    {
        // Every failure is collapsed into one generic message, so the response does not
        // reveal which check failed. The original exception is discarded; the audit
        // event sent here is the only record of the failed attempt.
        MessageService.Send(Request, account.DisplayUserName(false), MessageAction.LoginFailViaApiSms, MessageTarget.Create(account.ID));
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and failure alike: the security context set above is cleared
        // before the method returns, and the caller receives only the token.
        SecurityContext.Logout();
    }
}
/// <summary>
/// Issues another SMS authentication code for the user resolved from <paramref name="query"/>.
/// </summary>
/// <param name="query">Opaque value passed to <c>GetUser</c>; its format is not visible here.</param>
/// <returns>Anonymous object with <c>phoneNoise</c> and <c>confirm = true</c>.</returns>
/// <remarks>
/// NOTE(review): no throttling is visible in this method; resend limits are presumably
/// enforced inside SmsManager.PutAuthCode (second argument <c>true</c>). Confirm.
/// </remarks>
public object SendSmsCodeAgain(string query)
{
    var account = GetUser(query);
    SmsManager.PutAuthCode(account, true);

    var noise = SmsSender.BuildPhoneNoise(account.MobilePhone);
    return new { phoneNoise = noise, confirm = true };
}
/// <summary>
/// Issues an SMS authentication code for the user resolved from <paramref name="model"/>
/// and reports when the stored code expires.
/// </summary>
/// <param name="model">Login data passed to <c>GetUser</c>.</param>
/// <returns>
/// <c>Sms = true</c>, the phone noise for the user's mobile phone and an expiry of
/// now (UTC) plus <c>SmsKeyStorage.StoreInterval</c>. No token is returned.
/// </returns>
/// <remarks>
/// NOTE(review): resend limiting is not visible here; presumably handled by
/// SmsManager.PutAuthCode. Confirm.
/// </remarks>
private AuthenticationTokenData SendSmsCode(AuthModel model)
{
    var account = GetUser(model, out _);
    SmsManager.PutAuthCode(account, true);

    var response = new AuthenticationTokenData();
    response.Sms = true;
    response.PhoneNoise = SmsSender.BuildPhoneNoise(account.MobilePhone);
    response.Expires = new ApiDateTime(TenantManager, TimeZoneConverter, DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval));
    return response;
}
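/// <summary>
/// First step of an API login. When SMS verification is hidden or disabled, the user is
/// authenticated immediately and a token is returned. Otherwise no token is issued: the
/// response only signals that an SMS step is required.
/// </summary>
/// <param name="userName">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="password">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="provider">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="accessToken">Passed to <c>GetUser</c> to resolve the user.</param>
/// <returns>
/// Token and expiry when SMS verification is off; <c>Sms = true</c> alone when the user
/// has no activated phone; otherwise <c>Sms = true</c>, phone noise and the code expiry.
/// </returns>
/// <exception cref="AuthenticationException">
/// Thrown with a fixed message when the token path fails.
/// </exception>
/// <remarks>
/// NOTE: this method does not require auth.
/// NOTE: this method does not check payment.
/// NOTE(review): credential verification is assumed to happen inside GetUser, which is
/// not visible here. Confirm.
/// </remarks>
[Create(@"", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken)
{
    bool viaEmail;
    var user = GetUser(userName, password, provider, accessToken, out viaEmail);

    if (!StudioSmsNotificationSettings.IsVisibleSettings || !StudioSmsNotificationSettings.Enable)
    {
        try
        {
            var token = SecurityContext.AuthenticateMe(user.ID);

            // viaEmail only selects which audit action is recorded.
            MessageService.Send(Request, viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);

            var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
            var expires = TenantCookieSettings.GetExpiresTime(tenant);

            return new AuthenticationTokenData
            {
                Token = token,
                Expires = new ApiDateTime(expires)
            };
        }
        catch
        {
            // One generic message for every failure; the original exception is dropped,
            // so this audit event is the only record of the cause-less failure.
            MessageService.Send(Request, user.DisplayUserName(false), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
            throw new AuthenticationException("User authentication failed");
        }
        finally
        {
            // Clears the security context on every path; the caller keeps only the token.
            SecurityContext.Logout();
        }
    }

    // SMS verification is on: from here no token is returned by this method.
    if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
    {
        // No usable phone yet: signal the SMS step without sending a code.
        return new AuthenticationTokenData { Sms = true };
    }

    SmsManager.PutAuthCode(user, false);

    return new AuthenticationTokenData
    {
        Sms = true,
        PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
        Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval))
    };
}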
/// <summary>
/// Issues an SMS authentication code for the user resolved from the supplied credentials.
/// </summary>
/// <param name="userName">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="password">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="provider">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="accessToken">Passed to <c>GetUser</c> to resolve the user.</param>
/// <returns>
/// <c>Sms = true</c>, the phone noise for the user's mobile phone and an expiry of
/// now (UTC) plus <c>SmsKeyStorage.StoreInterval</c>. No token is returned.
/// </returns>
/// <remarks>
/// NOTE: this method does not require auth.
/// NOTE: this method does not check payment.
/// NOTE(review): every call asks SmsManager.PutAuthCode for a code; rate limiting is
/// not visible here and is presumably enforced there. Confirm.
/// </remarks>
[Create(@"sendsms", false, false)]
public AuthenticationTokenData SendSmsCode(string userName, string password, string provider, string accessToken)
{
    bool isEmailLogin; // demanded by GetUser's signature; not read in this method
    var account = GetUser(userName, password, provider, accessToken, out isEmailLogin);

    SmsManager.PutAuthCode(account, true);

    var response = new AuthenticationTokenData();
    response.Sms = true;
    response.PhoneNoise = SmsSender.BuildPhoneNoise(account.MobilePhone);
    response.Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval));
    return response;
}
/// <summary>
/// Stores a mobile phone number for the user resolved from the supplied credentials and
/// records the change in the audit log.
/// </summary>
/// <param name="userName">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="password">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="provider">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="accessToken">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="mobilePhone">Requested number; the value returned by <c>SmsManager.SaveMobilePhone</c> is used afterwards.</param>
/// <returns>
/// <c>Sms = true</c>, the phone noise for the saved number and an expiry of now (UTC)
/// plus <c>SmsKeyStorage.StoreInterval</c>. No token is returned.
/// </returns>
/// <remarks>
/// NOTE: this method does not require auth.
/// NOTE: this method does not check payment.
/// NOTE(review): the caller has presented the first factor only. This method does not
/// itself check whether the user already has an activated phone; replacing one here
/// would redirect the second factor. Presumably SmsManager.SaveMobilePhone rejects
/// that case. Confirm.
/// </remarks>
[Create(@"setphone", false, false)]
public AuthenticationTokenData SaveMobilePhone(string userName, string password, string provider, string accessToken, string mobilePhone)
{
    bool isEmailLogin; // demanded by GetUser's signature; not read in this method
    var account = GetUser(userName, password, provider, accessToken, out isEmailLogin);

    var savedPhone = SmsManager.SaveMobilePhone(account, mobilePhone);

    // Audit the number change against the affected user.
    MessageService.Send(
        HttpContext.Current.Request,
        MessageAction.UserUpdatedMobileNumber,
        MessageTarget.Create(account.ID),
        account.DisplayUserName(false),
        savedPhone);

    var response = new AuthenticationTokenData();
    response.Sms = true;
    response.PhoneNoise = SmsSender.BuildPhoneNoise(savedPhone);
    response.Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval));
    return response;
}
/// <summary>
/// Stores a mobile phone number for the current account and records the change in the
/// audit log.
/// </summary>
/// <param name="model">
/// Carries the requested number; <c>model.MobilePhone</c> is overwritten with the value
/// returned by <c>SmsManager.SaveMobilePhone</c>.
/// </param>
/// <returns>
/// <c>Sms = true</c>, the phone noise for the saved number and an expiry of now (UTC)
/// plus <c>SmsKeyStorage.StoreInterval</c>. No token is returned.
/// </returns>
/// <remarks>
/// The target user is taken from <c>AuthContext.CurrentAccount</c> after
/// <c>ApiContext.AuthByClaim()</c>, not from caller-supplied identifiers.
/// NOTE(review): what AuthByClaim accepts is not visible here; confirm it fails closed.
/// </remarks>
private AuthenticationTokenData SaveMobilePhone(MobileModel model)
{
    ApiContext.AuthByClaim();
    var account = UserManager.GetUsers(AuthContext.CurrentAccount.ID);

    model.MobilePhone = SmsManager.SaveMobilePhone(account, model.MobilePhone);

    // Audit the number change against the affected user.
    MessageService.Send(
        MessageAction.UserUpdatedMobileNumber,
        MessageTarget.Create(account.ID),
        account.DisplayUserName(false, DisplayUserSettingsHelper),
        model.MobilePhone);

    var response = new AuthenticationTokenData();
    response.Sms = true;
    response.PhoneNoise = SmsSender.BuildPhoneNoise(model.MobilePhone);
    response.Expires = new ApiDateTime(TenantManager, TimeZoneConverter, DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval));
    return response;
}
/// <summary>
/// Stores a mobile phone number for the user resolved from <paramref name="query"/> and
/// records the change in the audit log.
/// </summary>
/// <param name="query">Opaque value passed to <c>GetUser</c>; its format is not visible here.</param>
/// <param name="mobilePhone">Requested number; the value returned by <c>SmsManager.SaveMobilePhone</c> is used afterwards.</param>
/// <returns>
/// Anonymous object with <c>phoneNoise</c>, <c>confirm</c> (whether SMS verification is
/// enabled) and <c>RefererURL</c> (empty when confirmation is required).
/// </returns>
/// <remarks>
/// NOTE(review): RefererURL comes from Context.GetRefererURL(); if the client navigates
/// to it, confirm the value is restricted to same-site targets.
/// </remarks>
public object SaveMobilePhone(string query, string mobilePhone)
{
    var account = GetUser(query);
    var savedPhone = SmsManager.SaveMobilePhone(account, mobilePhone);

    // Audit the number change against the affected user.
    MessageService.Send(
        HttpContext.Current.Request,
        MessageAction.UserUpdatedMobileNumber,
        MessageTarget.Create(account.ID),
        account.DisplayUserName(false),
        savedPhone);

    var confirmationRequired = StudioSmsNotificationSettings.Enable;
    var noise = SmsSender.BuildPhoneNoise(savedPhone);

    // The referer is only looked up when no confirmation step follows.
    var refererUrl = confirmationRequired ? string.Empty : Context.GetRefererURL();

    return new { phoneNoise = noise, confirm = confirmationRequired, RefererURL = refererUrl };
}
/// <summary>
/// Completes a two-factor API login: resolves the user through <c>GetUser</c>, checks
/// the code against SMS or the TFA app (whichever is enabled), then authenticates the
/// user, sets cookies and returns a token.
/// </summary>
/// <param name="userName">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="password">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="provider">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="accessToken">Passed to <c>GetUser</c> to resolve the user.</param>
/// <param name="code">Second-factor code (SMS or TFA app).</param>
/// <param name="codeOAuth">Passed to <c>GetUser</c> as its last argument.</param>
/// <returns>
/// Token and expiry, plus <c>Sms = true</c> and phone noise on the SMS path or
/// <c>Tfa = true</c> on the TFA app path.
/// </returns>
/// <exception cref="AuthenticationException">
/// Thrown with a fixed message for any failure inside the try block, including the
/// case where neither second factor is enabled.
/// </exception>
/// <remarks>
/// NOTE: This method doesn't require auth.
/// NOTE: This method doesn't check payment.
/// </remarks>
[Create(@"{code}", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code, string codeOAuth)
{
    bool isEmailLogin; // demanded by GetUser's signature; not read in this method
    var account = GetUser(userName, password, provider, accessToken, out isEmailLogin, codeOAuth);
    var viaSms = false;

    try
    {
        if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable)
        {
            // Set before validating so the catch block logs the SMS failure action.
            viaSms = true;
            SmsManager.ValidateSmsCode(account, code, true);
        }
        else if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
        {
            // NOTE(review): the token below is issued whatever this call returns; the
            // boolean only gates the "TFA app connected" audit event. That is safe only
            // if ValidateAuthCode throws on a wrong code. Confirm against its source.
            var reportConnected = account.ValidateAuthCode(code, true, true);
            if (reportConnected)
            {
                MessageService.Send(Request, MessageAction.UserConnectedTfaApp, MessageTarget.Create(account.ID));
            }
        }
        else
        {
            // Fail closed: with no second factor configured this endpoint issues nothing.
            throw new SecurityException("Auth code is not available");
        }

        var authToken = CookiesManager.AuthenticateMeAndSetCookies(account.Tenant, account.ID, MessageAction.LoginSuccess);
        var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
        var expiresAt = TenantCookieSettings.GetExpiresTime(tenantId);

        var result = new AuthenticationTokenData
        {
            Token = authToken,
            Expires = new ApiDateTime(expiresAt)
        };

        if (!viaSms)
        {
            result.Tfa = true;
            return result;
        }

        result.Sms = true;
        result.PhoneNoise = SmsSender.BuildPhoneNoise(account.MobilePhone);
        return result;
    }
    catch
    {
        // One generic message for every failure; the original exception is dropped, so
        // this audit event is the only record of the failed attempt.
        var failAction = viaSms ? MessageAction.LoginFailViaApiSms : MessageAction.LoginFailViaApiTfa;
        MessageService.Send(Request, account.DisplayUserName(false), failAction, MessageTarget.Create(account.ID));
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and failure alike; the caller keeps only the returned token.
        SecurityContext.Logout();
    }
}
/// <summary>
/// Completes a two-factor login: resolves the user from <paramref name="auth"/>, checks
/// <c>auth.Code</c> against SMS or the TFA app (whichever is enabled), then
/// authenticates the user and returns a token.
/// </summary>
/// <param name="auth">Login data passed to <c>GetUser</c>; <c>auth.Code</c> is the second-factor code.</param>
/// <returns>
/// Token and expiry, plus <c>Sms = true</c> and phone noise on the SMS path or
/// <c>Tfa = true</c> on the TFA app path.
/// </returns>
/// <exception cref="AuthenticationException">
/// Thrown with a fixed message for any failure inside the try block, including the
/// case where neither second factor is enabled.
/// </exception>
private AuthenticationTokenData AuthenticateMeWithCode(AuthModel auth)
{
    var tenantId = TenantManager.GetCurrentTenant().TenantId;
    var account = GetUser(auth, out _);
    var viaSms = false;

    try
    {
        if (StudioSmsNotificationSettingsHelper.IsVisibleSettings() && StudioSmsNotificationSettingsHelper.Enable)
        {
            // Set before validating so the catch block logs the SMS failure action.
            viaSms = true;
            SmsManager.ValidateSmsCode(account, auth.Code);
        }
        else if (TfaAppAuthSettings.IsVisibleSettings && SettingsManager.Load<TfaAppAuthSettings>().EnableSetting)
        {
            // NOTE(review): the token below is issued whatever this call returns; the
            // boolean only gates the "TFA app connected" audit event. That is safe only
            // if ValidateAuthCode throws on a wrong code. Confirm against its source.
            var reportConnected = TfaManager.ValidateAuthCode(account, auth.Code);
            if (reportConnected)
            {
                MessageService.Send(MessageAction.UserConnectedTfaApp, MessageTarget.Create(account.ID));
            }
        }
        else
        {
            // Fail closed: with no second factor configured this path issues nothing.
            throw new System.Security.SecurityException("Auth code is not available");
        }

        var authToken = SecurityContext.AuthenticateMe(account.ID);

        var successAction = viaSms ? MessageAction.LoginSuccessViaApiSms : MessageAction.LoginSuccessViaApiTfa;
        MessageService.Send(successAction);

        var expiresAt = TenantCookieSettingsHelper.GetExpiresTime(tenantId);

        var result = new AuthenticationTokenData
        {
            Token = authToken,
            Expires = new ApiDateTime(TenantManager, TimeZoneConverter, expiresAt)
        };

        if (!viaSms)
        {
            result.Tfa = true;
            return result;
        }

        result.Sms = true;
        result.PhoneNoise = SmsSender.BuildPhoneNoise(account.MobilePhone);
        return result;
    }
    catch
    {
        // One generic message for every failure; the original exception is dropped, so
        // this audit event is the only record of the failed attempt.
        var failAction = viaSms ? MessageAction.LoginFailViaApiSms : MessageAction.LoginFailViaApiTfa;
        MessageService.Send(account.DisplayUserName(false, DisplayUserSettingsHelper), failAction, MessageTarget.Create(account.ID));
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and failure alike; the caller keeps only the returned token.
        SecurityContext.Logout();
    }
}
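/// <summary>
/// First step of a login. If SMS or TFA app verification is enabled, no token is issued
/// and the response describes the second-factor step to take. Otherwise the user is
/// authenticated, the auth cookie is set and a token is returned.
/// </summary>
/// <param name="auth">Login data passed to <c>GetUser</c>; <c>auth.Session</c> is forwarded to <c>CookiesManager.SetCookies</c>.</param>
/// <returns>
/// SMS enabled: <c>Sms = true</c> with a confirmation URL (plus phone noise and code
/// expiry when the phone is activated). TFA app enabled: <c>Tfa = true</c> with a
/// confirmation URL (plus <c>TfaKey</c> when the app is not yet enabled for the user).
/// Neither: token and expiry.
/// </returns>
/// <exception cref="AuthenticationException">
/// Thrown with a fixed message when the token path fails.
/// </exception>
/// <remarks>
/// NOTE(review): credential verification is assumed to happen inside GetUser, which is
/// not visible here. Confirm.
/// </remarks>
private AuthenticationTokenData AuthenticateMe(AuthModel auth)
{
    bool viaEmail;
    var user = GetUser(auth, out viaEmail);

    if (StudioSmsNotificationSettingsHelper.IsVisibleSettings() && StudioSmsNotificationSettingsHelper.Enable)
    {
        if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
        {
            // No usable phone yet: point the client at phone activation, send no code.
            return new AuthenticationTokenData
            {
                Sms = true,
                ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneActivation)
            };
        }

        SmsManager.PutAuthCode(user, false);

        return new AuthenticationTokenData
        {
            Sms = true,
            PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
            Expires = new ApiDateTime(TenantManager, TimeZoneConverter, DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval)),
            ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.PhoneAuth)
        };
    }

    if (TfaAppAuthSettings.IsVisibleSettings && SettingsManager.Load<TfaAppAuthSettings>().EnableSetting)
    {
        if (!TfaAppUserSettings.EnableForUser(SettingsManager, user.ID))
        {
            // Enrollment: the manual-entry setup key is placed in the response for a
            // caller who has passed the first factor only.
            // NOTE(review): treat this response as a secret (keep it out of logs and
            // caches), and confirm the key cannot be re-fetched once TFA is enabled.
            return new AuthenticationTokenData
            {
                Tfa = true,
                TfaKey = TfaManager.GenerateSetupCode(user).ManualEntryKey,
                ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaActivation)
            };
        }

        return new AuthenticationTokenData
        {
            Tfa = true,
            ConfirmUrl = CommonLinkUtility.GetConfirmationUrl(user.Email, ConfirmType.TfaAuth)
        };
    }

    // No second factor is enabled: authenticate directly.
    try
    {
        var token = SecurityContext.AuthenticateMe(user.ID);
        CookiesManager.SetCookies(CookiesType.AuthKey, token, auth.Session);

        // viaEmail only selects which audit action is recorded.
        MessageService.Send(viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);

        var tenant = TenantManager.GetCurrentTenant().TenantId;
        var expires = TenantCookieSettingsHelper.GetExpiresTime(tenant);

        return new AuthenticationTokenData
        {
            Token = token,
            Expires = new ApiDateTime(TenantManager, TimeZoneConverter, expires)
        };
    }
    catch
    {
        // One generic message for every failure; the original exception is dropped, so
        // this audit event is the only record of the failed attempt.
        MessageService.Send(user.DisplayUserName(false, DisplayUserSettingsHelper), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and failure alike; the caller keeps only the returned token.
        SecurityContext.Logout();
    }
}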