예제 #1
        /// <summary>
        /// Processes the posted "create two-factor" form for the signed-in user and stores the
        /// chosen factor on the selected component, or on every unconfigured component when
        /// <c>model.ApplyToAllEmpty</c> is set.
        /// </summary>
        /// <param name="model">Posted form values: factor type, target component and the factor data.</param>
        /// <returns>
        /// The "Create" view when validation fails or the Cryptopia device serial is not registered
        /// to the user; <c>Unauthorized()</c> when the current user cannot be loaded; otherwise a
        /// redirect to the "Security" route.
        /// </returns>
        // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] / [Authorize] attributes are visible
        // in this excerpt. This action changes authentication settings, so confirm they are applied.
        // NOTE(review): the factor is persisted as enabled without a proof-of-possession step visible
        // here; presumably Validate(...) verifies the submitted code or secret. Confirm.
        public async Task<ActionResult> Create(CreateTwoFactorModel model)
        {
            await Validate(ModelState, model);
            if (!ModelState.IsValid)
            {
                return View("Create", model);
            }

            var account = UserManager.FindById(User.Identity.GetUserId());
            if (account == null)
            {
                return Unauthorized();
            }

            // Snapshot of the user's factors, and the entry (if any) for the requested component.
            var factors = account.TwoFactor.ToList();
            var current = factors.FirstOrDefault(f => f.Component == model.ComponentType);

            // A component that already has a real factor is never overwritten from this action;
            // the request is dropped with a redirect back to the security page.
            var alreadyConfigured = current != null && current.Type != TwoFactorType.None;
            if (alreadyConfigured)
            {
                return RedirectToRoute("Security");
            }

            if (model.Type == TwoFactorType.GoogleCode)
            {
                // When the user already has a Google factor on any component, its stored key pair
                // replaces whatever was posted, so all components share one secret.
                // NOTE(review): when no Google factor exists, the posted GoogleData keys are what gets
                // stored. Confirm Validate(...) ties them to a server-issued secret.
                var enrolledGoogle = account.TwoFactor.FirstOrDefault(f => f.Type == TwoFactorType.GoogleCode);
                if (enrolledGoogle != null)
                {
                    model.GoogleData.PrivateKey = enrolledGoogle.Data;
                    model.GoogleData.PublicKey  = enrolledGoogle.Data2;
                }
            }

            if (model.Type == TwoFactorType.CryptopiaCode)
            {
                // First Cryptopia-device enrolment: the posted serial must belong to a device
                // registered to this user. The lookup is skipped once a Cryptopia factor exists.
                var enrolledDevice = account.TwoFactor.FirstOrDefault(f => f.Type == TwoFactorType.CryptopiaCode);
                if (enrolledDevice == null)
                {
                    using (var db = new ApplicationDbContext())
                    {
                        var deviceRegistered = await db.TwoFactorCode.AnyAsync(c => c.UserId == account.Id && c.SerialNumber == model.CryptopiaSerial);
                        if (!deviceRegistered)
                        {
                            ModelState.AddModelError("", Resources.Authorization.twoFactorCryptopiaNoDeviceError);
                            return View("Create", model);
                        }
                    }
                }
            }

            if (model.ApplyToAllEmpty)
            {
                // Apply the same factor to every component that has no entry or only a "None" entry;
                // components with a real factor are left untouched.
                foreach (TwoFactorComponent component in Enum.GetValues(typeof(TwoFactorComponent)))
                {
                    var slot = factors.FirstOrDefault(f => f.Component == component);
                    if (slot == null)
                    {
                        slot = new UserTwoFactor();
                        SetTwoFactorValues(component, model, slot);
                        account.TwoFactor.Add(slot);
                    }
                    else if (slot.Type == TwoFactorType.None)
                    {
                        SetTwoFactorValues(component, model, slot);
                    }
                }

                await UserManager.UpdateAsync(account);
                return RedirectToRoute("Security");
            }

            // Single-component path: create the entry when missing, otherwise fill the existing
            // "None" placeholder in place.
            if (current == null)
            {
                current = new UserTwoFactor();
                SetTwoFactorValues(model.ComponentType, model, current);
                account.TwoFactor.Add(current);
            }
            else
            {
                SetTwoFactorValues(current.Component, model, current);
            }

            await UserManager.UpdateAsync(account);
            return RedirectToRoute("Security");
        }
예제 #2
 /// <summary>
 /// Resets <paramref name="entity"/> and fills it from the posted model: the factor type, the
 /// target component, the enabled flag and the type-specific data fields.
 /// </summary>
 /// <param name="componentType">Component the factor is being attached to.</param>
 /// <param name="model">Posted form values supplying the factor type and its data.</param>
 /// <param name="entity">Two-factor record to overwrite.</param>
 // NOTE(review): PINs, the Google private key and security answers are copied into Data..Data4
 // exactly as posted. Whether they are hashed or encrypted before storage is not visible here;
 // confirm against the entity and persistence layer.
 private void SetTwoFactorValues(TwoFactorComponent componentType, CreateTwoFactorModel model, UserTwoFactor entity)
 {
     entity.ClearData();

     var kind = model.Type;
     entity.Type      = kind;
     entity.Component = componentType;
     entity.IsEnabled = true;

     if (kind == TwoFactorType.EmailCode)
     {
         entity.Data = model.DataEmail;
         return;
     }

     if (kind == TwoFactorType.PinCode)
     {
         entity.Data = model.DataPin;
         return;
     }

     if (kind == TwoFactorType.GoogleCode)
     {
         var keys = model.GoogleData;
         entity.Data  = keys.PrivateKey;
         entity.Data2 = keys.PublicKey;
         return;
     }

     if (kind == TwoFactorType.Question)
     {
         // Two question/answer pairs, stored as question, answer, question, answer.
         entity.Data  = model.DataQuestion1;
         entity.Data2 = model.DataAnswer1;
         entity.Data3 = model.DataQuestion2;
         entity.Data4 = model.DataAnswer2;
     }

     // Any other type gets no data fields here; only the cleared state from ClearData() remains.
 }