Exemplo n.º 1
0
        public IActionResult Index()
        {
            if (!HttpContext.Session.IsAvailable)
            {
                return(View("Index"));
            }

            var loggedInUser = GetLoggedInUser();

            if (loggedInUser != null)
            {
                var authenticated = IsAuthenticated();
                if (authenticated)
                {
                    return(RedirectToAction("Index", "Home"));
                }

                var firstToken = _db.Tokens.FirstOrDefault(x => x.UserId.Equals(loggedInUser.Id) && DateTime.UtcNow < x.ExpiryUtc);
                if (firstToken == null)
                {
                    var token    = SmsAuthHelper.RequestToken(loggedInUser.PhoneNumber).GetAwaiter().GetResult();
                    var smsToken = new Token
                    {
                        TokenString = token,
                        ExpiryUtc   = DateTime.UtcNow.AddMinutes(5),
                        UserId      = loggedInUser.Id,
                        User        = loggedInUser
                    };
                    _db.Tokens.Add(smsToken);
                    _db.SaveChanges();
                }
                return(View("Auth"));
            }
            return(View());
        }
Exemplo n.º 2
0
        public async Task <IActionResult> Auth()
        {
            if (!HttpContext.Session.IsAvailable)
            {
                return(View("Index"));
            }

            var loggedInUser  = GetLoggedInUser();
            var authenticated = IsAuthenticated();

            if (loggedInUser == null)
            {
                return(View("Index"));
            }

            if (loggedInUser.AccessBlocked)
            {
                if (DateTime.UtcNow < loggedInUser.AccessBlockedUntilUtc)
                {
                    return(View("Blocked", loggedInUser.AccessBlockedUntilUtc.Value));
                }

                loggedInUser.AccessBlocked           = false;
                loggedInUser.AccessBlockedUntilUtc   = null;
                _db.Users.Update(loggedInUser).State = EntityState.Modified;
                _db.SaveChanges();
            }

            if (authenticated)
            {
                return(RedirectToAction("Index", "Dashboard"));
            }

            var firstToken = _db.Tokens.FirstOrDefault(x => x.UserId.Equals(loggedInUser.Id) && DateTime.UtcNow < x.ExpiryUtc);

            if (firstToken == null)
            {
                var token = await SmsAuthHelper.RequestToken(loggedInUser.PhoneNumber);

                var smsToken = new Token
                {
                    TokenString = token,
                    ExpiryUtc   = DateTime.UtcNow.AddMinutes(5),
                    UserId      = loggedInUser.Id,
                    User        = loggedInUser
                };
                _db.Tokens.Add(smsToken);
                _db.SaveChanges();
            }

            return(View());
        }
Exemplo n.º 3
0
        public IActionResult Index(string username, string password)
        {
            if (!HttpContext.Session.IsAvailable)
            {
                return(View("Index"));
            }

            var loggedInUser = GetLoggedInUser();

            if (loggedInUser != null)
            {
                if (loggedInUser.AccessBlocked)
                {
                    if (DateTime.UtcNow < loggedInUser.AccessBlockedUntilUtc)
                    {
                        return(View("Blocked", loggedInUser.AccessBlockedUntilUtc.Value));
                    }

                    loggedInUser.AccessBlocked           = false;
                    loggedInUser.AccessBlockedUntilUtc   = null;
                    _db.Users.Update(loggedInUser).State = EntityState.Modified;
                    _db.SaveChanges();
                }

                var authenticated = IsAuthenticated();
                if (authenticated)
                {
                    return(RedirectToAction("Index", "Home"));
                }

                var firstToken = _db.Tokens.FirstOrDefault(x => x.UserId.Equals(loggedInUser.Id) && DateTime.UtcNow < x.ExpiryUtc);
                if (firstToken == null)
                {
                    var token    = SmsAuthHelper.RequestToken(loggedInUser.PhoneNumber).GetAwaiter().GetResult();
                    var smsToken = new Token
                    {
                        TokenString = token,
                        ExpiryUtc   = DateTime.UtcNow.AddMinutes(5),
                        UserId      = loggedInUser.Id,
                        User        = loggedInUser
                    };
                    _db.Tokens.Add(smsToken);
                    _db.SaveChanges();
                }

                return(View("Auth"));
            }
            else
            {
                var user = _db.Users.SingleOrDefault(x => x.Username.Equals(username));
                if (user == null)
                {
                    return(View());
                }

                if (user.AccessBlocked)
                {
                    if (DateTime.UtcNow < user.AccessBlockedUntilUtc)
                    {
                        return(View("Blocked", user.AccessBlockedUntilUtc.Value));
                    }

                    user.AccessBlocked           = false;
                    user.AccessBlockedUntilUtc   = null;
                    _db.Users.Update(user).State = EntityState.Modified;
                    _db.SaveChanges();
                }

                var validPass = CryptoHelper.VerifyHash(password, user.Password);
                if (!validPass)
                {
                    var tries = HttpContext.Session.GetInt32("LoginFails") ?? 0;
                    tries++;
                    if (tries >= 3)
                    {
                        user.AccessBlocked           = true;
                        user.AccessBlockedUntilUtc   = DateTime.UtcNow.AddMinutes(5);
                        _db.Users.Update(user).State = EntityState.Modified;
                        _db.SaveChanges();
                        HttpContext.Session.SetInt32("LoginFails", 0);
                        HttpContext.Session.CommitAsync();
                        return(View("Blocked", user.AccessBlockedUntilUtc.Value));
                    }

                    HttpContext.Session.SetInt32("LoginFails", tries);
                    HttpContext.Session.CommitAsync();
                    return(View());
                }

                HttpContext.Session.SetString("LoggedInUser", user.Id.ToString());
                HttpContext.Session.CommitAsync();
                var firstToken = _db.Tokens.FirstOrDefault(x => x.UserId.Equals(user.Id));
                if (firstToken == null)
                {
                    var token    = SmsAuthHelper.RequestToken(user.PhoneNumber).GetAwaiter().GetResult();
                    var smsToken = new Token
                    {
                        TokenString = token,
                        ExpiryUtc   = DateTime.UtcNow.AddMinutes(5),
                        UserId      = user.Id,
                        User        = user
                    };
                    _db.Tokens.Add(smsToken);
                    _db.SaveChanges();
                }

                return(View("Auth"));
            }
        }