private async Task LoadSharedKeyAndQrCodeUriAsync(User user, Activate2faViewModel model)
{
var unformattedKey = await userHelper.GetAuthenticatorKeyAsync(user);
if (string.IsNullOrEmpty(unformattedKey))
{
await userHelper.ResetAuthenticatorKeyAsync(user);
unformattedKey = await userHelper.GetAuthenticatorKeyAsync(user);
}
model.SharedKey = FormatKey(unformattedKey);
model.AuthenticatorUri = GenerateQrCodeUri(user.Email, unformattedKey);
}
public async Task <IActionResult> Activate2fa()
{
var user = await userHelper.FindByEmailAsync(User.Identity.Name);
if (user == null)
{
return(NotFound($"Unable to load user with ID '{ user.Id }'."));
}
var vm = new Activate2faViewModel();
await LoadSharedKeyAndQrCodeUriAsync(user, vm);
return(View(vm));
}
public async Task <IActionResult> Activate2fa(Activate2faViewModel model)
{
var user = await userHelper.FindByEmailAsync(User.Identity.Name);
if (user == null)
{
return(NotFound($"Unable to load user with ID '{ user.Id }'."));
}
if (ModelState.IsValid)
{
var verificationCode = model.Code.Replace(" ", string.Empty).Replace("-", string.Empty);
var is2faTokenValid = await userHelper.VerifyTwoFactorAuthAsync(user, tokenProvider : userHelper.GetTokenProvider(), verificationCode);
if (!is2faTokenValid)
{
ModelState.AddModelError(string.Empty, "La clave de verificación no es válida");
await LoadSharedKeyAndQrCodeUriAsync(user, model);
return(View());
}
await userHelper.SetTwoFactorEnabledAsync(user, true);
if (await userHelper.CountRecoveryCodes(user) >= 0)
{
var recoveryCodes = await userHelper.GenerateNewTwoFactorRecoveryCodesAsync(user, 10);
TempData[RecoveryCodesKey] = recoveryCodes.ToArray();
return(RedirectToAction(nameof(ShowRecoveryCodes)));
}
else
{
return(RedirectToAction(nameof(Settings)));
}
}
await LoadSharedKeyAndQrCodeUriAsync(user, model);
return(View());
}
