/// <summary>
/// Handles the posted "add authenticator" form: verifies the submitted code for the current user
/// and, on success, stores the values returned by the service under <c>RECOVERY_CODES_KEY</c>.
/// </summary>
/// <param name="request">Posted form data carrying the verification code.</param>
/// <returns>
/// A redirect to <c>Index</c> when the model state is invalid, back to this action with a status
/// alert when verification fails, or to <c>RecoveryCodesView</c> when it succeeds.
/// </returns>
public async Task<IActionResult> AddTwoFactorAuthenticator(AddTwoFactorAuthenticatorRequest request)
{
    if (!ModelState.IsValid)
    {
        return RedirectToAction(nameof(Index));
    }

    // The user id comes from GetUserId(), not from the posted request.
    Result<IEnumerable<string>> outcome = await _twoFactorAuthService.VerifyTwoFactorCode(GetUserId(), request);

    if (!outcome.Failure)
    {
        // NOTE(review): the value stored here is presumably the set of recovery codes, i.e. secrets.
        // Confirm how SaveTempData persists them (cookie vs. server-side session) and that they
        // are not retained after RecoveryCodesView has shown them once.
        SaveTempData(RECOVERY_CODES_KEY, outcome.Value);
        return RedirectToAction(nameof(RecoveryCodesView));
    }

    // Carry the failure over the redirect as a status alert so the form can display it.
    SaveTempData(AUTHENTICATOR_STATUS_ALERT_TEMP_DATA_KEY, StatusAlertViewExtension.Get(outcome));
    return RedirectToAction(nameof(AddTwoFactorAuthenticator));
}
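/// <summary>
/// Handles the posted "add authenticator" form: verifies the submitted code for the current user
/// and renders either the form again (with errors) or the two-factor authenticator view.
/// </summary>
/// <param name="request">Posted form data carrying the verification code.</param>
/// <returns>
/// A redirect to <c>Index</c> when the model state is invalid; the add-authenticator view with
/// model errors when verification fails; otherwise the <c>TwoFactorAuthenticator</c> view.
/// </returns>
public async Task<IActionResult> AddTwoFactorAuthenticator(AddTwoFactorAuthenticatorRequest request)
{
    if (!ModelState.IsValid)
    {
        return RedirectToAction(nameof(Index));
    }

    // The user id comes from GetUserId(), not from the posted request.
    string userId = GetUserId();

    Result verifyResult = await _twoFactorAuthService.VerifyTwoFactorCode(userId, GetSessionCode(), GetIp(), request);
    if (verifyResult.Failure)
    {
        ModelState.AddErrors(verifyResult.Errors);

        // Rebuild the form model so the page can be rendered again with the errors.
        Result<AddTwoFactorAuthenticatorViewModel> codeResult =
            await _manageDataService.GetAddTwoFactorAuthenticatorViewModel(userId, GetSessionCode(), GetIp());
        if (codeResult.Failure)
        {
            // Fix: report why the form model could not be built. The original added
            // verifyResult.Errors a second time here, so this failure was never shown.
            ModelState.AddErrors(codeResult.Errors);
            return View();
        }

        return View(codeResult.Value);
    }

    // Reuse the id resolved above instead of calling GetUserId() a second time.
    Result<TwoFactorAuthenticatorViewModel> result = _manageDataService.GetTwoFactorAuthenticatorViewModel(userId);
    if (result.Failure)
    {
        // NOTE(review): result.Value is dereferenced on the failure path. If a failed Result
        // carries no value this throws after 2FA was already enabled; confirm Result<T> semantics.
        result.Value.StatusAlert = StatusAlertViewExtension.Get(result);
        return View(result.Value);
    }

    result.Value.StatusAlert = StatusAlertViewExtension.Get("Authenticator added.");
    return View("TwoFactorAuthenticator", result.Value);
}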
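/// <summary>
/// Validates the request, checks the submitted authenticator code for the user and, when it is
/// valid, enables two-factor authentication and logs the user in again.
/// </summary>
/// <param name="userId">Id of the user enabling two-factor authentication.</param>
/// <param name="sessionCode">Session code passed through to the login service.</param>
/// <param name="ip">Client IP passed through to the login service.</param>
/// <param name="request">Request carrying the verification code.</param>
/// <returns>
/// A failed <c>Result</c> when validation fails, the user is not found, the code is rejected or
/// two-factor authentication could not be enabled; otherwise <c>Result.Ok()</c>.
/// </returns>
public async Task<Result> VerifyTwoFactorCode(string userId, string sessionCode, string ip, AddTwoFactorAuthenticatorRequest request)
{
    ValidationResult validationResult = _addTwoFactorValidator.Validate(request);
    if (!validationResult.IsValid)
    {
        _logger.LogError("Invalid TwoFactor Verificatin code. ");
        return Result.Fail(ResultUtils.ToResultError(validationResult.Errors));
    }

    AppUserEntity appUser = await _userManager.FindByIdAsync(userId);
    if (appUser == null)
    {
        // Values are passed as log arguments rather than interpolated into the template,
        // so braces or other formatting characters in a value cannot alter the message.
        _logger.LogError("No user. UserId {UserId}", userId);
        return Result.Fail("no_user", "No User");
    }

    // Authenticator apps display the code grouped with spaces or hyphens; strip them before verifying.
    string normalizedCode = request.VereficationCode.Replace(" ", string.Empty).Replace("-", string.Empty);

    // NOTE(review): nothing in this method counts or limits failed attempts. Confirm that
    // throttling or lockout for repeated wrong codes is enforced by the caller or elsewhere.
    bool isCodeValid = await _userManager.VerifyTwoFactorTokenAsync(
        appUser,
        _userManager.Options.Tokens.AuthenticatorTokenProvider,
        normalizedCode);
    if (!isCodeValid)
    {
        _logger.LogError("Invlid TwoFactor Verification code. User {UserId}", userId);
        return Result.Fail("invlid_code", "Invalid Code", "VereficationCode");
    }

    // Fix: the outcome of enabling 2FA was ignored, so a failed store update was still logged
    // and returned as success, leaving the account without the second factor.
    var enableResult = await _userManager.SetTwoFactorEnabledAsync(appUser, true);
    if (!enableResult.Succeeded)
    {
        _logger.LogError("Failed to enable 2fa. User {UserId}", userId);
        return Result.Fail("failed_to_enable_2fa", "Failed to enable two-factor authentication");
    }

    _logger.LogInformation("2fa enabled. User {UserId}", appUser.Id);

    //TO DO: generate recovery codes

    // The re-login is best effort: a failure is logged but does not fail the operation.
    Result loginResult = await _loginService.Login(userId, sessionCode, ip);
    if (loginResult.Failure)
    {
        _logger.LogError("Faild to login user after 2fa reset. UserId {UserId}", userId);
    }

    return Result.Ok();
}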
/// <summary>
/// Validates the request, strips spaces and hyphens from the submitted code and delegates to
/// <c>AddTwoFactorAuthentication</c> with the <c>Authenticator</c> type.
/// </summary>
/// <param name="userId">Id of the user adding the authenticator.</param>
/// <param name="request">Request carrying the verification code.</param>
/// <returns>
/// A completed task holding a failed result when validation fails; otherwise the task returned
/// by <c>AddTwoFactorAuthentication</c> (presumably the recovery codes; confirm against that method).
/// </returns>
public Task<Result<IEnumerable<string>>> VerifyTwoFactorCode(string userId, AddTwoFactorAuthenticatorRequest request)
{
    ValidationResult validation = _addTwoFactorValidator.Validate(request);
    if (validation.IsValid)
    {
        // Authenticator apps display the code grouped with spaces or hyphens; strip them first.
        string code = request.VereficationCode
            .Replace(" ", string.Empty)
            .Replace("-", string.Empty);

        // The code itself is checked inside AddTwoFactorAuthentication, not here.
        return AddTwoFactorAuthentication(userId, TwoFactorAuthenticationType.Authenticator, code);
    }

    _logger.LogError($"Invalid TwoFactor Verification code. ");

    // The method is not async, so the failure is wrapped in an already-completed task.
    Result<IEnumerable<string>> failure = Result.Fail<IEnumerable<string>>(ResultUtils.ToResultError(validation.Errors));
    return Task.FromResult(failure);
}