public IActionResult AdditionalAuthenticationFactor(string returnUrl, bool rememberLogin)
{
// Created VM
var vm = new AdditionalAuthenticationFactorViewModel()
{
RememberLogin = rememberLogin,
ReturnUrl = returnUrl
};
return(View(vm));
}
public async Task <IActionResult> AdditionalAuthenticationFactor(
AdditionalAuthenticationFactorViewModel model)
{
if (ModelState.IsValid)
{
// read identity from the temporary cookie
var info = await HttpContext.AuthenticateAsync("idsrv.2FA");
var tempUser = info?.Principal;
if (tempUser == null)
{
throw new Exception("2FA error");
}
var user = _IIDPUserRepository.GetUserBySubjectId(tempUser.GetSubjectId());
// ..... check the code to authenticate the user
/// (We need real check in production) that's 123 for demo
if (model.Code != "123")
{
ModelState.AddModelError("code", "2FA code is invalid");
return(View(model));
}
// login the user
AuthenticationProperties props = null;
if (AccountOptions.AllowRememberLogin && model.RememberLogin)
{
props = new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
};
}
;
// check if we are in the context of an authorization request
var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username, clientId : context?.ClientId));
await HttpContext.SignInAsync(user.SubjectId, user.Username, props);
// clear the temporary cookie After signin
await HttpContext.SignOutAsync("idsrv.2FA");
if (_interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl))
{
return(Redirect(model.ReturnUrl));
}
}
return(View(model));
}
