/// <summary>
/// Negative credential test: registering a user through a client built with
/// <c>badApiKey</c> must come back with <see cref="AuthyStatus.Unauthorized"/>.
/// </summary>
public void Registration_BadApiKey()
{
    // The second constructor argument is presumably the client's test-mode flag - confirm.
    var authy = new AuthyClient(badApiKey, true);

    var registrationStatus = authy.RegisterUser("*****@*****.**", "123-456-7890").Status;

    // A rejected key must surface as Unauthorized rather than as a generic failure.
    Assert.AreEqual(AuthyStatus.Unauthorized, registrationStatus);
}
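/// <summary>
/// Second step of the two-factor login: checks the submitted token against Authy for the
/// Authy id stored in the session, then redirects to the login URI on success or
/// re-renders the "Verify" view with a model error on failure.
/// </summary>
/// <param name="token">The one-time token typed by the user.</param>
/// <returns>
/// A redirect to "/" when the request is not in auth state 1 or the session holds no Authy id,
/// a redirect to <c>GetLoginUri()</c> when the token is accepted, otherwise the "Verify" view.
/// </returns>
public ActionResult Verify(string token)
{
    if (!IsAuthState(1))
    {
        return Redirect("/");
    }

    // Fail closed when the session carries no Authy id (expired or never-started flow);
    // calling ToString() on the missing entry would throw and return a server error.
    object storedAuthyId = Session["tfa.authyId"];
    string authyId = storedAuthyId == null ? null : storedAuthyId.ToString();
    if (string.IsNullOrEmpty(authyId))
    {
        return Redirect("/");
    }

    // An empty token can never be valid, so it is rejected without calling the Authy API.
    if (!string.IsNullOrWhiteSpace(token))
    {
        TwoFactorAuthenticationConfig config = Config.Get<TwoFactorAuthenticationConfig>();
        var authy = new AuthyClient(config.ApiKey, test: false);

        VerifyTokenResult result = authy.VerifyToken(authyId, token);
        if (result.Success)
        {
            // NOTE(review): the original looked up Session["tfa.wrap_name"] among
            // SecurityManager.GetLoggedInBackendUsers() but its branch was empty, so nothing
            // happened for an already-logged-in user. If it was meant to end an existing
            // backend session, that logic is still missing.
            return Redirect(GetLoginUri());
        }
    }

    // NOTE(review): no attempt counter or lockout is visible in this action; confirm that
    // repeated wrong tokens are throttled elsewhere.
    var model = new LoginModel();
    ModelState.AddModelError("InvalidToken", "Incorrect Token");
    return View("Verify", model);
}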
/// <summary>
/// Negative credential test: verifying a token through a client built with
/// <c>badApiKey</c> must come back with <see cref="AuthyStatus.Unauthorized"/>.
/// </summary>
public void Verification_BadApiKey()
{
    // The second constructor argument is presumably the client's test-mode flag - confirm.
    var authy = new AuthyClient(badApiKey, true);

    // The user id and token are placeholders; the expected rejection is based on the key alone.
    var verificationStatus = authy.VerifyToken("1", "0000000").Status;

    Assert.AreEqual(AuthyStatus.Unauthorized, verificationStatus);
}
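/// <summary>
/// Negative credential test: registering a user through a client built with
/// <c>invalidApiKey</c> must fail with <see cref="AuthyStatus.Unauthorized"/>,
/// <c>Success == false</c> and the message "Invalid API key.".
/// </summary>
public void Registration_InvalidApiKey()
{
    // The second constructor argument is presumably the client's test-mode flag - confirm.
    var client = new AuthyClient(invalidApiKey, true);

    var result = client.RegisterUser("*****@*****.**", "317-338-9302", 93);

    // Assert.AreEqual takes (expected, actual); the original passed the last two pairs
    // reversed, which mislabels the values in the failure message.
    Assert.AreEqual(AuthyStatus.Unauthorized, result.Status);
    Assert.AreEqual(false, result.Success);
    Assert.AreEqual("Invalid API key.", result.Message);
}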
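/// <summary>
/// Negative credential test: verifying a token through a client built with
/// <c>invalidApiKey</c> must fail with <see cref="AuthyStatus.Unauthorized"/>,
/// <c>Success == false</c> and the message "Invalid API key.".
/// </summary>
public void Verification_InvalidApiKey()
{
    // The second constructor argument is presumably the client's test-mode flag - confirm.
    var client = new AuthyClient(invalidApiKey, true);

    var result = client.VerifyToken("1", "0000000");

    // Assert.AreEqual takes (expected, actual); the original passed every pair reversed,
    // which mislabels the values in the failure message.
    Assert.AreEqual(AuthyStatus.Unauthorized, result.Status);
    Assert.AreEqual(false, result.Success);
    Assert.AreEqual("Invalid API key.", result.Message);
}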
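/// <summary>
/// Second step of the two-factor login: checks the submitted token against Authy for the
/// Authy id stored in the session, then redirects to the login URI on success or
/// re-renders the "Verify" view with a model error on failure.
/// </summary>
/// <param name="token">The one-time token typed by the user.</param>
/// <returns>
/// A redirect to "/" when the request is not in auth state 1 or the session holds no Authy id,
/// a redirect to <c>GetLoginUri()</c> when the token is accepted, otherwise the "Verify" view.
/// </returns>
public ActionResult Verify(string token)
{
    if (!IsAuthState(1))
    {
        return Redirect("/");
    }

    // Fail closed when the session carries no Authy id (expired or never-started flow);
    // calling ToString() on the missing entry would throw and return a server error.
    object storedAuthyId = Session["tfa.authyId"];
    string authyId = storedAuthyId == null ? null : storedAuthyId.ToString();
    if (string.IsNullOrEmpty(authyId))
    {
        return Redirect("/");
    }

    // An empty token can never be valid, so it is rejected without calling the Authy API.
    if (!string.IsNullOrWhiteSpace(token))
    {
        TwoFactorAuthenticationConfig config = Config.Get<TwoFactorAuthenticationConfig>();
        var authy = new AuthyClient(config.ApiKey, test: false);

        VerifyTokenResult result = authy.VerifyToken(authyId, token);
        if (result.Success)
        {
            // NOTE(review): the original looked up Session["tfa.wrap_name"] among
            // SecurityManager.GetLoggedInBackendUsers() but its branch was empty, so nothing
            // happened for an already-logged-in user. If it was meant to end an existing
            // backend session, that logic is still missing.
            return Redirect(GetLoginUri());
        }
    }

    // NOTE(review): no attempt counter or lockout is visible in this action; confirm that
    // repeated wrong tokens are throttled elsewhere.
    var model = new LoginModel();
    ModelState.AddModelError("InvalidToken", "Incorrect Token");
    return View("Verify", model);
}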
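/// <summary>
/// Validates the second factor submitted with the login form and, when it is accepted,
/// signs the user in. The user is identified by the posted "2FAUser" field and the code
/// is read from "TwoFactorCode". Always ends in a redirect: to the posted "loginPage"
/// when it is a local URL, otherwise to "/".
/// </summary>
/// <returns>A redirect result; failures are reported through <c>TempData</c>.</returns>
public async Task<ActionResult> Verify2FA()
{
    // "2FAUser" is Base64 of a '|'-separated record:
    //   0 - userId, 1 - userName, 2 - displayName, 3 - md5, 4 - isActive, 5 - NewHash
    //
    // NOTE(review): this record comes back from the browser. Nothing visible in this method
    // checks that it is unchanged since the password step, yet md5, isActive and the hash in
    // u[5] decide below whether the account is signed in, reactivated and given a new stored
    // password. Keep this state server-side, or integrity-protect the field (for example with
    // ASP.NET Core data protection), and read IsActive from the database row.
    string packed = Request.Form["2FAUser"].FirstOrDefault();
    string code = Request.Form["TwoFactorCode"].FirstOrDefault();

    // NOTE(review): FromBase64 is a project extension; its behaviour on malformed input is
    // not visible here.
    string[] u = string.IsNullOrEmpty(packed) ? new string[0] : packed.FromBase64().Split('|');

    // Parse defensively: a missing or malformed field is handled as a failed verification
    // instead of surfacing as an unhandled exception.
    int userId = 0;
    bool md5 = false, isActive = false;
    bool wellFormed = u.Length >= 5
        && int.TryParse(u[0], out userId)
        && bool.TryParse(u[3], out md5)
        && bool.TryParse(u[4], out isActive)
        && (!md5 || u.Length >= 6); // u[5] is only read when md5 is set

    // SingleOrDefault: an unknown id is reported like a wrong code, so the response does not
    // reveal whether the account exists.
    var user = wellFormed ? _context.Users.SingleOrDefault(x => x.Id == userId) : null;

    bool tfaValid = false;
    if (user != null && !string.IsNullOrEmpty(user.TwoFactor) && !string.IsNullOrEmpty(code))
    {
        // An all-digit TwoFactor value is treated as an Authy id; anything else is handed
        // to TwoFactorAuthenticator as the account secret.
        if (!Regex.IsMatch(user.TwoFactor, @"^[\d]+$"))
        {
            TwoFactorAuthenticator tfa = new TwoFactorAuthenticator();
            if (tfa.ValidateTwoFactorPIN(user.TwoFactor, code))
            {
                tfaValid = true;
            }
        }
        else if (int.TryParse(user.TwoFactor, out int authyId) && int.TryParse(code, out int authyToken))
        {
            var client = new AuthyClient(settings.AuthyApiKey);
            if (client.VerifyToken(authyId, authyToken))
            {
                tfaValid = true;
            }
        }
    }

    if (tfaValid)
    {
        // Same condition as the original (md5 && !isActive) || isActive.
        if (md5 || isActive)
        {
            await _signInManager.SignInAsync(user, false);

            if (NumTries > 0)
            {
                Response.Cookies.Delete("InvalidTries");
            }

            if (md5)
            {
                // presumably migrates a legacy MD5 password hash to the new one - confirm.
                user.UserPassword = u[5];
                user.EmailConfirmation = Guid.NewGuid();
                user.IsActive = true;

                // NOTE(review): no SaveChanges call is visible in this method; confirm the
                // update is persisted elsewhere.
                _context.Users.Update(user);
            }
        }
        else
        {
            TempData["2FAError"] = true;
            TempData["2FAErrorMessage"] = "Sorry, there's a problem with your account. <a href=\"/Contact\">Contact us</a> to get it resolved.";
            NumTries = NumTries + 1;
        }
    }
    else
    {
        // NOTE(review): a wrong code does not increase NumTries here; confirm that repeated
        // second-factor guesses are throttled elsewhere.
        TempData["2FAError"] = true;
        TempData["2FAErrorMessage"] = "Invalid token. Please try again.";
    }

    // Only follow the posted return address when it is local, so the form cannot be used
    // to redirect to another site.
    string url = Request.Form["loginPage"];
    if (Url.IsLocalUrl(url))
    {
        return Redirect(url);
    }

    return Redirect("/");
}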