protected internal virtual bool Authenticate(UserAccount account, string password, AuthenticationPurpose purpose)
{
Tracing.Verbose("[UserAccountService.Authenticate] for account: {0}", account.ID);
int failedLoginCount = SecuritySettings.AccountLockoutFailedLoginAttempts;
TimeSpan lockoutDuration = SecuritySettings.AccountLockoutDuration;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (result &&
purpose == AuthenticationPurpose.SignIn &&
account.AccountTwoFactorAuthMode != TwoFactorAuthMode.None)
{
Tracing.Verbose("[UserAccountService.Authenticate] password authN successful, doing two factor auth checks: {0}, {1}", account.Tenant, account.Username);
bool shouldRequestTwoFactorAuthCode = true;
if (this.Configuration.TwoFactorAuthenticationPolicy != null)
{
shouldRequestTwoFactorAuthCode = this.Configuration.TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth(account);
Tracing.Verbose("[UserAccountService.Authenticate] TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth called, result: {0}", shouldRequestTwoFactorAuthCode);
}
if (shouldRequestTwoFactorAuthCode)
{
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Certificate)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa certificate: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCertificate();
}
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Mobile)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa mobile code: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCode();
}
}
}
Update(account);
Tracing.Verbose("[UserAccountService.Authenticate] authentication outcome: {0}", result ? "Successful Login" : "Failed Login");
return result;
}
protected internal virtual bool Authenticate(UserAccount account, string password, AuthenticationPurpose purpose)
{
Tracing.Verbose("[UserAccountService.Authenticate] for account: {0}", account.ID);
int failedLoginCount = Configuration.AccountLockoutFailedLoginAttempts;
TimeSpan lockoutDuration = Configuration.AccountLockoutDuration;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (result &&
purpose == AuthenticationPurpose.SignIn &&
account.AccountTwoFactorAuthMode != TwoFactorAuthMode.None)
{
Tracing.Verbose("[UserAccountService.Authenticate] password authN successful, doing two factor auth checks: {0}, {1}", account.Tenant, account.Username);
bool shouldRequestTwoFactorAuthCode = true;
if (this.Configuration.TwoFactorAuthenticationPolicy != null)
{
var token = this.Configuration.TwoFactorAuthenticationPolicy.GetTwoFactorAuthToken(account);
if (!String.IsNullOrWhiteSpace(token))
{
shouldRequestTwoFactorAuthCode = !account.VerifyTwoFactorAuthToken(token);
Tracing.Verbose("[UserAccountService.Authenticate] TwoFactorAuthenticationPolicy token found, was verified: {0}", shouldRequestTwoFactorAuthCode);
}
else
{
Tracing.Verbose("[UserAccountService.Authenticate] TwoFactorAuthenticationPolicy no token present");
}
}
if (shouldRequestTwoFactorAuthCode)
{
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Certificate)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa certificate: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCertificate();
}
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Mobile)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa mobile code: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCode();
}
}
}
Update(account);
Tracing.Verbose("[UserAccountService.Authenticate] authentication outcome: {0}", result ? "Successful Login" : "Failed Login");
return result;
}
protected internal virtual bool Authenticate(UserAccount account, string password, AuthenticationPurpose purpose)
{
Tracing.Verbose("[UserAccountService.Authenticate] for account: {0}", account.ID);
int failedLoginCount = SecuritySettings.AccountLockoutFailedLoginAttempts;
TimeSpan lockoutDuration = SecuritySettings.AccountLockoutDuration;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (result &&
purpose == AuthenticationPurpose.SignIn &&
account.AccountTwoFactorAuthMode != TwoFactorAuthMode.None)
{
Tracing.Verbose("[UserAccountService.Authenticate] password authN successful, doing two factor auth checks: {0}, {1}", account.Tenant, account.Username);
bool shouldRequestTwoFactorAuthCode = true;
if (this.Configuration.TwoFactorAuthenticationPolicy != null)
{
shouldRequestTwoFactorAuthCode = this.Configuration.TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth(account);
Tracing.Verbose("[UserAccountService.Authenticate] TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth called, result: {0}", shouldRequestTwoFactorAuthCode);
}
if (shouldRequestTwoFactorAuthCode)
{
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Certificate)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa certificate: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCertificate();
}
if (account.AccountTwoFactorAuthMode == TwoFactorAuthMode.Mobile)
{
Tracing.Verbose("[UserAccountService.Authenticate] requesting 2fa mobile code: {0}, {1}", account.Tenant, account.Username);
result = account.RequestTwoFactorAuthCode();
}
}
}
Update(account);
Tracing.Verbose("[UserAccountService.Authenticate] authentication outcome: {0}", result ? "Successful Login" : "Failed Login");
return(result);
}
protected internal virtual bool Authenticate(UserAccount account, string password, AuthenticationPurpose purpose)
{
int failedLoginCount = SecuritySettings.AccountLockoutFailedLoginAttempts;
TimeSpan lockoutDuration = SecuritySettings.AccountLockoutDuration;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (result &&
purpose == AuthenticationPurpose.SignIn &&
account.UseTwoFactorAuth)
{
bool shouldRequestTwoFactorAuthCode = true;
if (this.Configuration.TwoFactorAuthenticationPolicy != null)
{
shouldRequestTwoFactorAuthCode = this.Configuration.TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth(account);
}
if (shouldRequestTwoFactorAuthCode)
{
Tracing.Verbose(String.Format("[UserAccountService.Authenticate] requesting 2fa code: {0}, {1}", account.Tenant, account.Username));
result = account.RequestTwoFactorAuthCode();
}
}
Update(account);
Tracing.Verbose(String.Format("[UserAccountService.Authenticate] authentication outcome: {0}, {1}, {2}", account.Tenant, account.Username, result ? "Successful Login" : "Failed Login"));
return(result);
}
protected internal virtual bool Authenticate(UserAccount account, string password, AuthenticationPurpose purpose)
{
int failedLoginCount = SecuritySettings.AccountLockoutFailedLoginAttempts;
TimeSpan lockoutDuration = SecuritySettings.AccountLockoutDuration;
var result = account.Authenticate(password, failedLoginCount, lockoutDuration);
if (result &&
purpose == AuthenticationPurpose.SignIn &&
account.UseTwoFactorAuth)
{
bool shouldRequestTwoFactorAuthCode = true;
if (this.Configuration.TwoFactorAuthenticationPolicy != null)
{
shouldRequestTwoFactorAuthCode = this.Configuration.TwoFactorAuthenticationPolicy.RequestRequiresTwoFactorAuth(account);
}
if (shouldRequestTwoFactorAuthCode)
{
Tracing.Verbose(String.Format("[UserAccountService.Authenticate] requesting 2fa code: {0}, {1}", account.Tenant, account.Username));
result = account.RequestTwoFactorAuthCode();
}
}
Update(account);
Tracing.Verbose(String.Format("[UserAccountService.Authenticate] authentication outcome: {0}, {1}, {2}", account.Tenant, account.Username, result ? "Successful Login" : "Failed Login"));
return result;
}
