Exemplo n.º 1
0
        public static void InitTest()
        {
            try {
                throw AuthExceptions.UserHasBeenClosed("p18928");
            }
            catch (Exception ex) {
                System.Console.WriteLine(ex.Message);
            }

            try {
                throw AuthExceptions.MFAAuthenticationFailed();
            }
            catch (Exception ex) {
                System.Console.WriteLine(ex.Message);
            }

            System.Console.ReadLine();
        }
Exemplo n.º 2
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="principleInfo"></param>
        /// <param name="verificationCode"></param>
        public void CheckMFACode(PxPrincipalInfo principleInfo, string verificationCode)
        {
            using (PeakDbContext dbContext = new PeakDbContext()) {
                MFAMessage mfa = dbContext.MFAMessages.FirstOrDefault(x => x.RereferenceCode == principleInfo.Authentication.MFAReferenceCode && x.UserId == principleInfo.UserId && !x.IsUsed);
                if (mfa == null)
                {
                    throw AuthExceptions.InvalidMFAReferenceNo();
                }
                User usr = dbContext.Users.FirstOrDefault(x => x.Id == principleInfo.UserId);
                if (usr.PasswordState == PasswordState.Blocked)
                {
                    throw AuthExceptions.MFAUserBlocked();
                }

                if (DateTime.Now > mfa.Date.AddMinutes(PxConfigurationManager.PxConfig.Authentication.MultiFA.CodeValidDuration))
                {
                    throw AuthExceptions.MFACodeExpired();
                }

                string encryptedVerificationCode = encryptVerificationCode(verificationCode, principleInfo.PhoneNumber);
                if (!string.Equals(encryptedVerificationCode, mfa.VerificationCode))
                {
                    usr.MFATryCount++;
                    if (usr.MFATryCount >= PxConfigurationManager.PxConfig.Authentication.Policy.MaxFailedMFAAttemptCount)
                    {
                        usr.MFATryCount   = 0;
                        usr.PasswordState = PasswordState.Blocked;
                        dbContext.SaveChanges();
                        throw AuthExceptions.MFAUserBlocked();
                    }
                    dbContext.SaveChanges();
                    throw AuthExceptions.MFAAuthenticationFailed();
                }
                usr.MFATryCount = 0;
                dbContext.SaveChanges();
            }
            principleInfo.Authentication.IsMFAAuthenticationCompleted = true;
            PxSession session = PxSession.Get();

            session.Principal = principleInfo;
            PxSession.Save(session);
        }