Пример #1
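        /// <summary>
        /// Handles the POST that turns two-factor authentication off for the signed-in user:
        /// removes the user's registered FIDO credentials from the key store, then clears the 2FA flag.
        /// </summary>
        /// <returns>
        /// A <c>NotFound</c> result when the current principal cannot be resolved to a user;
        /// otherwise a redirect to the <c>./TwoFactorAuthentication</c> page.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// Credentials need removing but the store is not an <see cref="InMemoryFidoKeyStore"/>,
        /// or the user manager reports that disabling 2FA did not succeed.
        /// </exception>
        public async Task <IActionResult> OnPostAsync()
        {
            var user = await _userManager.GetUserAsync(User);

            if (user == null)
            {
                return NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
            }

            // NOTE(review): credentials are looked up by e-mail address; confirm the store treats
            // the e-mail as a stable, unique handle for the account.
            var credentialIds = (await _store.GetCredentialIdsForUser(user.Email)).ToList();

            if (credentialIds.Count > 0)
            {
                // TODO: replace this workaround with a store-level removal (e.g. await _store.Remove(cred)).
                // Until then removal only works against the in-memory store. Check the type up front so
                // an unsupported store fails with a clear error before any key is touched, instead of a
                // NullReferenceException halfway through the loop.
                var inMemoryStore = _store as InMemoryFidoKeyStore;

                if (inMemoryStore == null)
                {
                    throw new InvalidOperationException("FIDO credential removal is only implemented for InMemoryFidoKeyStore.");
                }

                foreach (var credId in credentialIds)
                {
                    var cred = await _store.GetCredentialById(credId);

                    // Skip ids that no longer resolve to a stored credential.
                    if (cred == null)
                    {
                        continue;
                    }

                    inMemoryStore.Keys.Remove(cred);
                }
            }

            // The keys are removed before the flag is cleared: if the call below fails, the user's
            // security keys are already gone while 2FA is still marked as enabled.
            var disable2faResult = await _userManager.SetTwoFactorEnabledAsync(user, false);

            if (!disable2faResult.Succeeded)
            {
                throw new InvalidOperationException($"Unexpected error occurred disabling 2FA for user with ID '{_userManager.GetUserId(User)}'.");
            }

            // Disabling 2FA weakens the account, so the event is logged with the user id.
            _logger.LogInformation("User with ID '{UserId}' has disabled 2fa.", _userManager.GetUserId(User));
            StatusMessage = "2fa has been disabled. You can reenable 2fa when you setup an authenticator app";
            return RedirectToPage("./TwoFactorAuthentication");
        }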
Пример #2
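        /// <summary>
        /// Loads the two-factor state of the signed-in user for display: whether an authenticator key
        /// exists, whether 2FA is enabled, whether this client is remembered, how many recovery codes
        /// remain, and the list of registered security keys.
        /// </summary>
        /// <returns>
        /// A <c>NotFound</c> result when the current principal cannot be resolved to a user;
        /// otherwise the page result.
        /// </returns>
        public async Task <IActionResult> OnGet()
        {
            var user = await _userManager.GetUserAsync(User);

            if (user == null)
            {
                return NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
            }

            HasAuthenticator = await _userManager.GetAuthenticatorKeyAsync(user) != null;
            Is2faEnabled = await _userManager.GetTwoFactorEnabledAsync(user);
            IsMachineRemembered = await _signInManager.IsTwoFactorClientRememberedAsync(user);
            RecoveryCodesLeft = await _userManager.CountRecoveryCodesAsync(user);

            SecurityKeys = new List <RegisteredSecurityKeyModel>();

            // NOTE(review): credentials are looked up by e-mail address; confirm the store treats
            // the e-mail as a stable, unique handle for the account.
            var credentialIds = (await _store.GetCredentialIdsForUser(user.Email)).ToList();

            // Reflects the ids the store reports, even if one of them fails to resolve below.
            HasSecurityKey = credentialIds.Count > 0;

            foreach (var credId in credentialIds)
            {
                var cred = await _store.GetCredentialById(credId);

                // Skip ids that do not resolve to a stored credential rather than dereferencing null.
                if (cred == null)
                {
                    continue;
                }

                SecurityKeys.Add(new RegisteredSecurityKeyModel
                {
                    // The raw credential id is base64url-encoded before it is put on the page model.
                    Id = WebEncoders.Base64UrlEncode(cred.CredentialId),
                    DeviceName = cred.DisplayFriendlyName
                });
            }

            return Page();
        }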