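/// <summary>
/// Authenticates a user with a one time code and signs them in when the code is verified.
/// </summary>
/// <param name="model">Username, one time code and stay-signed-in choice submitted by the client.</param>
/// <returns>
/// The result of <c>SignInAndRedirectAsync</c> when the code is verified; an unauthenticated status for an
/// unknown user or a missing, incorrect, expired or locked code; a server error status for any other outcome.
/// </returns>
public async Task<WebStatus> AuthenticateCodeAsync(AuthenticateInputModel model)
{
    _logger.LogDebug("Begin one time code authentication for {0}", model.Username);

    // The same message is returned for an unknown user and for a wrong code,
    // so the response text is identical in both cases.
    var genericErrorMessage = _localizer["The username or one time code wasn't right."];

    var userResponse = await _userStore.GetUserByUsernameAsync(model.Username);
    if (userResponse.HasError)
    {
        await _eventNotificationService.NotifyEventAsync(model.Username, EventType.AccountNotFound, nameof(AuthenticateCodeAsync));
        _logger.LogDebug("User not found: {0}", model.Username);
        // NOTE(review): this branch returns before the one time code check runs, so an unknown user
        // and a wrong code may still be distinguishable by response time even though the text matches.
        return Unauthenticated(genericErrorMessage);
    }

    var user = userResponse.Result;

    // A request that omits the code must fail like any other wrong code, not throw on Replace().
    if (model.OneTimeCode == null)
    {
        await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());
        return Unauthenticated(genericErrorMessage);
    }

    // Strip spaces before checking the code (presumably so a code typed in groups is accepted).
    model.OneTimeCode = model.OneTimeCode.Replace(" ", "");

    var response = await _oneTimeCodeService.CheckOneTimeCodeAsync(user.Email, model.OneTimeCode, _httpContext.Request.GetClientNonce());
    switch (response.Status.StatusCode)
    {
        case CheckOneTimeCodeStatusCode.VerifiedWithNonce:
        case CheckOneTimeCodeStatusCode.VerifiedWithoutNonce:
            // Whether the client nonce matched is passed on to the sign-in step.
            var nonceWasValid = response.Status.StatusCode == CheckOneTimeCodeStatusCode.VerifiedWithNonce;
            await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInSuccess, SignInType.OneTimeCode.ToString());
            // NOTE(review): RedirectUrl is taken from the code check result; SignInAndRedirectAsync is
            // assumed to restrict it to allowed destinations. Confirm.
            return await SignInAndRedirectAsync(SignInMethod.OneTimeCode, model.Username, model.StaySignedIn, response.Result.RedirectUrl, nonceWasValid);

        case CheckOneTimeCodeStatusCode.Expired:
            await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());
            return Unauthenticated(_localizer["Your one time code has expired. Please request a new one."]);

        case CheckOneTimeCodeStatusCode.CodeIncorrect:
        case CheckOneTimeCodeStatusCode.NotFound:
            await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());
            return Unauthenticated(genericErrorMessage);

        case CheckOneTimeCodeStatusCode.ShortCodeLocked:
            // An attempt against a locked code is still a failed sign-in; record it like the other
            // failure branches so lockouts are visible in the event trail.
            await _eventNotificationService.NotifyEventAsync(model.Username, EventType.SignInFail, SignInType.OneTimeCode.ToString());
            return Unauthenticated(_localizer["The one time code is locked. Please request a new one after a few minutes."]);

        case CheckOneTimeCodeStatusCode.ServiceFailure:
        default:
            return ServerError(_localizer["Something went wrong."]);
    }
}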
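/// <summary>
/// Authenticates a username with a submitted password value that may actually be a one time code.
/// A value that, once spaces are removed, is exactly
/// <c>PasswordlessLoginConstants.OneTimeCode.ShortCodeLength</c> ASCII digits is handled by
/// <see cref="AuthenticateCodeAsync"/>; anything else is handled by <c>AuthenticatePasswordAsync</c>.
/// </summary>
/// <param name="model">Username, password field value and stay-signed-in choice submitted by the client.</param>
/// <returns>The status produced by whichever authentication path handled the request.</returns>
public async Task<WebStatus> AuthenticateAsync(AuthenticatePasswordInputModel model)
{
    _logger.LogDebug("Begin authentication for {0}", model.Username);

    // NOTE(review): assumes model validation guarantees Password is non-null; a null value throws here. Confirm.
    var oneTimeCode = model.Password.Replace(" ", "");

    // Only ASCII 0-9 counts as a code digit. Char.IsDigit also accepts other Unicode decimal digits,
    // which would send such a password down the one time code path, where it is never checked as a password.
    var looksLikeShortCode =
        oneTimeCode.Length == PasswordlessLoginConstants.OneTimeCode.ShortCodeLength
        && oneTimeCode.All(c => c >= '0' && c <= '9');

    if (!looksLikeShortCode)
    {
        _logger.LogDebug("Password was not a six-digit number");
        return await AuthenticatePasswordAsync(model);
    }

    // NOTE(review): a real password that is exactly ShortCodeLength digits is never tried as a
    // password, because this branch does not fall back. The password policy presumably rejects
    // such passwords; confirm.
    _logger.LogDebug("Password was a one time code.");
    var input = new AuthenticateInputModel()
    {
        Username = model.Username,
        OneTimeCode = oneTimeCode,
        StaySignedIn = model.StaySignedIn
    };
    return await AuthenticateCodeAsync(input);
}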