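/// <summary>
/// Checks an OTP activation request and reports the outcome as a status string.
/// </summary>
/// <remarks>
/// The checks run in this order: the OTP must parse as an integer, the OTP must be
/// accepted by the OTP validation service for the secret key carried in the request,
/// the signed-in user must be the user named in the request, and the supplied
/// password must match that user.
/// NOTE(review): the secret key used for the OTP check comes from the request, not
/// from storage read here. Presumably this is the enrolment step, before the key is
/// persisted. Confirm the caller stores exactly this key, and only after "VALID".
/// NOTE(review): no throttling or lockout is visible in this method. If
/// _userManager is ASP.NET Core Identity's UserManager, CheckPasswordAsync does not
/// record failed attempts, so confirm repeated password/OTP guesses are limited elsewhere.
/// </remarks>
/// <param name="activationRequest">Request carrying Otp, SecretKey, UserId and Password.</param>
/// <returns>
/// "VALID" on success; otherwise "OTP_INVALID_REQUEST", "INVALID_OTP_CODE" or "INVALID_PASSWORD".
/// </returns>
public async Task<string> ValidateAsync(OtpActivationRequestParams activationRequest)
{
    // A missing request body is an invalid request, not a server fault.
    if (activationRequest == null)
    {
        return "OTP_INVALID_REQUEST";
    }

    int code;
    if (!int.TryParse(activationRequest.Otp, out code))
    {
        return "OTP_INVALID_REQUEST";
    }

    if (_otpCodeValidationService.Validate(activationRequest.SecretKey, code) == false)
    {
        return "INVALID_OTP_CODE";
    }

    // HttpContext is null when the call does not run inside a request; fail closed
    // instead of dereferencing it.
    var httpContext = _httpContextAccessor.HttpContext;
    if (httpContext == null)
    {
        return "OTP_INVALID_REQUEST";
    }

    // The request may only target the account of the signed-in caller. An
    // unresolved user is rejected the same way as a mismatched id.
    var user = await _currentUserProvider.GetUserAsync(httpContext.User);
    if (user == null || user.Id != activationRequest.UserId)
    {
        return "OTP_INVALID_REQUEST";
    }

    var passwordMatches = await _userManager.CheckPasswordAsync(user, activationRequest.Password);
    if (passwordMatches == false)
    {
        return "INVALID_PASSWORD";
    }

    return "VALID";
}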
/// <summary>
/// Clears the stored two-factor secret key of the user named in
/// <paramref name="credentials"/> and returns that user's settings.
/// </summary>
/// <remarks>
/// NOTE(review): only <c>credentials.UserId</c> is read here. This method does not
/// compare it with the signed-in user and does not check the Otp or Password fields,
/// so it switches off 2FA for whichever id it is given. Confirm every caller has
/// already authorised the request for this exact user id.
/// NOTE(review): the result of GetByUserIdAsync is used without a null check;
/// verify the provider never returns null for an unknown id.
/// </remarks>
/// <param name="credentials">Request whose UserId selects the account to update.</param>
/// <returns>The security user mapped to a <c>UserSettingsDTO</c> after the change is saved.</returns>
public async Task<UserSettingsDTO> DeactivateAsync(OtpActivationRequestParams credentials)
{
    var targetUserId = credentials.UserId;

    using (var dbContext = _contextFactory())
    {
        using (var provider = _securityUserProviderFactory(dbContext))
        {
            var account = await provider.GetByUserIdAsync(targetUserId);

            // A null secret key is what marks two-factor authentication as off.
            account.TwoFactorAuthenticationSecretKey = null;
            dbContext.Update(account);
            await dbContext.SaveChangesAsync();

            var settings = _mapper.Map<UserSettingsDTO>(account);
            return settings;
        }
    }
}