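/// <summary>
/// Applies a first-factor (1FA) update for the account identified by the
/// e-mail address and 1FA token carried in the request DTO.
/// </summary>
/// <remarks>
/// Every rejection path sets the same "error.authentication" label, so the
/// response text does not reveal which check failed. Keep it that way when
/// adding new checks.
/// </remarks>
/// <returns>
/// <c>true</c> when <c>Update1FA</c> reports success (Response.data is set to
/// JSONRPC.success); otherwise <c>false</c> with Response.error populated.
/// </returns>
protected override bool Execute()
{
    // Run the bot check before anything else so that a request which has not
    // passed ReCAPTCHA cannot trigger a directory lookup for a caller-supplied
    // e-mail address.
    if (!ReCAPTCHA.Validate(DTO.Captcha))
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // This operation is refused when the directory lookup returns a username
    // for the e-mail address.
    // NOTE(review): a null lookup result is treated as "not a directory
    // account" and the request proceeds. Confirm the lookup cannot return
    // null merely because the directory was unreachable.
    ActiveDirectory_ADO directory = new ActiveDirectory_ADO();
    dynamic directoryEntry = directory.GetAdSpecificDataForEmail(DTO.CcnEmail);
    if (directoryEntry?.CcnUsername != null)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // Resolve the account from the (token, e-mail) pair supplied by the caller.
    Login_BSO loginBso = new Login_BSO(Ado);
    var lookup = loginBso.ReadByToken1Fa(DTO.LgnToken1Fa, DTO.CcnEmail);
    if (!lookup.hasData)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // The username comes from the stored record, not from the request.
    string username = lookup.data[0].CcnUsername;
    DTO.CcnUsername = username;

    Login_DTO_Create1FA update = new Login_DTO_Create1FA()
    {
        LgnToken1Fa = DTO.LgnToken1Fa,
        Lgn1Fa = DTO.Lgn1Fa,
        CcnEmail = DTO.CcnEmail
    };

    // NOTE(review): the token received in the request is passed back unchanged
    // as the second argument. Confirm Update1FA invalidates or rotates it so
    // that the same token cannot be replayed.
    if (loginBso.Update1FA(update, DTO.LgnToken1Fa))
    {
        Response.data = JSONRPC.success;
        return true;
    }

    Response.error = Label.Get("error.authentication");
    return false;
}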
/// <summary>
/// Handles a first-factor (1FA) request: checks ReCAPTCHA, resolves the
/// account from its current 1FA token, refuses directory-backed accounts,
/// then stores the 1FA data under a freshly generated token and optionally
/// e-mails that token.
/// </summary>
/// <returns>
/// <c>true</c> when <c>Update1FA</c> succeeds (Response.data is set to
/// JSONRPC.success); otherwise <c>false</c> with Response.error populated.
/// </returns>
protected override bool Execute()
{
    // Validate against ReCAPTCHA before touching any account data.
    if (!ReCAPTCHA.Validate(DTO.Captcha))
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // Resolve the user from the token. The original author's note states that
    // this lookup also checks that the token is still valid.
    Login_BSO loginBso = new Login_BSO(Ado);
    var tokenLookup = loginBso.ReadByToken1Fa(DTO.LgnToken1Fa, DTO.CcnUsername);
    if (!tokenLookup.hasData)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    var account = tokenLookup.data[0];

    // Generate the replacement token up front; it is only stored or sent once
    // the remaining checks have passed.
    string newToken = Utility.GetRandomSHA256(account.CcnId.ToString());

    // From here on the DTO carries the identity from the stored record rather
    // than the values supplied in the request.
    DTO.CcnEmail = account.CcnEmail;
    DTO.CcnUsername = account.CcnUsername;

    // Not allowed for AD users: a display name in the directory record means
    // the account is directory-backed.
    ActiveDirectory_ADO directory = new ActiveDirectory_ADO();
    ActiveDirectory_DTO directoryUser = directory.GetUser(Ado, DTO);
    if (directoryUser.CcnDisplayName != null)
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    // Per the original author's note, this updates TD_LOGIN with the hashed
    // password, the new token and the new timeout.
    if (!loginBso.Update1FA(DTO, newToken))
    {
        Response.error = Label.Get("error.create");
        return false;
    }

    DTO.LgnToken1Fa = newToken;

    // NOTE(review): the result of UpdateInvitationToken2Fa is not checked
    // here. Confirm a failure there cannot leave the 1FA and 2FA tokens out
    // of step.
    loginBso.UpdateInvitationToken2Fa(DTO.CcnUsername, newToken);

    if (sendMail)
    {
        // The fresh token is handed to SendEmail together with the
        // recipient details.
        Login_DTO_Create recipient = new Login_DTO_Create()
        {
            CcnUsername = DTO.CcnUsername,
            LngIsoCode = DTO.LngIsoCode,
            CcnEmail = DTO.CcnEmail,
            CcnDisplayname = account.CcnDisplayName
        };
        SendEmail(recipient, newToken, "PxStat.Security.Login_API.Create2FA");
    }

    Response.data = JSONRPC.success;
    return true;
}