public async Task <string> ValidateAsync(OtpActivationRequestParams activationRequest)
{
int code;
if (int.TryParse(activationRequest.Otp, out code) == false)
{
return("OTP_INVALID_REQUEST");
}
if (_otpCodeValidationService.Validate(activationRequest.SecretKey, code) == false)
{
return("INVALID_OTP_CODE");
}
var principal = _httpContextAccessor.HttpContext.User;
var user = await _currentUserProvider.GetUserAsync(principal);
if (user.Id != activationRequest.UserId)
{
return("OTP_INVALID_REQUEST");
}
var isValid = await _userManager.CheckPasswordAsync(user, activationRequest.Password);
if (isValid == false)
{
return("INVALID_PASSWORD");
}
return("VALID");
}
public async Task <UserSettingsDTO> DeactivateAsync(OtpActivationRequestParams credentials)
{
var userId = credentials.UserId;
using (var context = _contextFactory())
using (var securityUserProvider = _securityUserProviderFactory(context))
{
var securityUser = await securityUserProvider.GetByUserIdAsync(userId);
securityUser.TwoFactorAuthenticationSecretKey = null;
context.Update(securityUser);
await context.SaveChangesAsync();
return(_mapper.Map <UserSettingsDTO>(securityUser));
}
}
