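/// <summary>
/// Generates a one-time MFA verification code, sends it through the FES MFA web service and
/// persists the encrypted form so that <c>CheckMFACode</c> can validate it later.
/// <paramref name="msg"/> must contain the <c>{0}</c> placeholder; it is replaced with the code
/// wrapped as <c>#code#</c>.
/// </summary>
/// <param name="principleInfo">Principal receiving the code; its <c>UserId</c> and <c>PhoneNumber</c> are used.</param>
/// <param name="msg">Message template. When null or empty the configured <c>MultiFA.Message</c> is used instead.</param>
/// <exception cref="PxUnexpectedErrorException">The MFA web service returned an error code other than "0" or no result at all.</exception>
/// <remarks>
/// Also throws the <c>AuthExceptions</c> for a missing MultiFA parameter block and a null principal.
/// On success the reference number is stored on the principal and the session is saved.
/// </remarks>
public void SendMFACode(PxPrincipalInfo principleInfo, string msg)
{
    FesMultiFAParameter parameter = JsonConvert.DeserializeObject<FesMultiFAParameter>(
        PxConfigurationManager.PxConfig.Authentication.MultiFA.Parameter);
    if (parameter == null)
    {
        throw AuthExceptions.MFAParameterNotFound();
    }

    if (principleInfo == null)
    {
        throw AuthExceptions.PrincipleInfoNotFound();
    }

    if (string.IsNullOrEmpty(msg))
    {
        msg = PxConfigurationManager.PxConfig.Authentication.MultiFA.Message;
    }

    string refNo = generateReferenceNo(principleInfo.UserId);

    // NOTE(review): if GenerateRandomNumber returns a numeric type, leading zeros are lost by
    // ToString() and the code may be shorter than 6 digits; also confirm it is backed by a CSPRNG.
    string verificationCode = Toolkit.Instance.GenerateRandomNumber(6).ToString();
    string encryptedVerificationCode = encryptVerificationCode(verificationCode, principleInfo.PhoneNumber);

    // NOTE(review): the encrypted form is what is placed into the outgoing message, while
    // CheckMFACode encrypts the user's input before comparing it with the stored encrypted value.
    // Confirm this round-trips (what the user receives vs. what they type); if not, the plain
    // verificationCode is the value that belongs here. Behaviour kept as-is pending that check.
    string message = string.Format(msg, string.Format("#{0}#", encryptedVerificationCode));

    MFAWebServiceResult result;
    using (MFAWebServicesClient svcClient = new MFAWebServicesClient(
        MFAWebServicesClient.EndpointConfiguration.MFAWebServicesSoapHttpPort,
        new System.ServiceModel.EndpointAddress(parameter.FesServiceUrl)))
    {
        // This method is synchronous, so the generated async proxy has to be blocked on.
        // GetAwaiter().GetResult() (unlike .Result) surfaces the service's own exception
        // rather than wrapping it in an AggregateException.
        result = svcClient.MFAWebSrvAsync(
            parameter.FesUser,
            parameter.FesUserPassword,
            parameter.FesServiceId,
            parameter.FesEnvironment,
            prepareInputXmlForFes(message, parameter.FesProjectId, principleInfo.PhoneNumber))
            .GetAwaiter().GetResult();
    }

    // Check the send result before persisting anything: a code the user never received must
    // not be stored as a pending, usable MFA credential.
    if (result == null)
    {
        throw new PxUnexpectedErrorException(new Exception("MFA web service returned no result."));
    }

    if (result.errorCode != "0")
    {
        throw new PxUnexpectedErrorException(new Exception(result.errorMsg));
    }

    using (PeakDbContext dbContext = new PeakDbContext())
    {
        MFAMessage mfa = new MFAMessage()
        {
            // DateTime.Now on purpose: CheckMFACode measures expiry against DateTime.Now as well.
            Date = DateTime.Now,
            IsUsed = false,
            PhoneNumber = principleInfo.PhoneNumber,
            UserId = principleInfo.UserId,
            RereferenceCode = refNo,
            // Only the encrypted form is stored; the plain code is never persisted.
            VerificationCode = encryptedVerificationCode
        };
        dbContext.MFAMessages.Add(mfa);
        dbContext.SaveChanges();
    }

    // The reference number links the session's principal to the pending MFAMessage row.
    principleInfo.Authentication.MFAReferenceCode = refNo;
    PxSession session = PxSession.Get();
    session.Principal = principleInfo;
    PxSession.Save(session);
}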
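/// <summary>
/// Validates the MFA code entered by the user against the pending, unused <c>MFAMessage</c>
/// that belongs to the principal's current <c>MFAReferenceCode</c>, then marks the session as
/// MFA-complete. A wrong (or empty) code is counted on the user; reaching the configured
/// <c>MaxFailedMFAAttemptCount</c> resets the counter and blocks the user.
/// </summary>
/// <param name="principleInfo">Principal being verified; <c>Authentication.MFAReferenceCode</c>, <c>UserId</c> and <c>PhoneNumber</c> are used.</param>
/// <param name="verificationCode">Code typed by the user. Null or empty is treated as a failed attempt.</param>
/// <remarks>
/// Throws the <c>AuthExceptions</c> for a null principal, an unknown reference number (also used
/// when the owning user row is missing), a blocked user, an expired code and a mismatching code.
/// On success the message is marked as used so it cannot satisfy a second call.
/// </remarks>
public void CheckMFACode(PxPrincipalInfo principleInfo, string verificationCode)
{
    // Same guard as SendMFACode; without it the lookup below dereferences a null principal.
    if (principleInfo == null)
    {
        throw AuthExceptions.PrincipleInfoNotFound();
    }

    using (PeakDbContext dbContext = new PeakDbContext())
    {
        MFAMessage mfa = dbContext.MFAMessages.FirstOrDefault(x =>
            x.RereferenceCode == principleInfo.Authentication.MFAReferenceCode
            && x.UserId == principleInfo.UserId
            && !x.IsUsed);
        if (mfa == null)
        {
            throw AuthExceptions.InvalidMFAReferenceNo();
        }

        User usr = dbContext.Users.FirstOrDefault(x => x.Id == principleInfo.UserId);
        if (usr == null)
        {
            // A pending message whose owner no longer exists cannot be verified; report it the
            // same way as an unknown reference rather than failing with a NullReferenceException.
            throw AuthExceptions.InvalidMFAReferenceNo();
        }

        if (usr.PasswordState == PasswordState.Blocked)
        {
            throw AuthExceptions.MFAUserBlocked();
        }

        // Same clock as SendMFACode (DateTime.Now); CodeValidDuration is applied in minutes.
        if (DateTime.Now > mfa.Date.AddMinutes(PxConfigurationManager.PxConfig.Authentication.MultiFA.CodeValidDuration))
        {
            throw AuthExceptions.MFACodeExpired();
        }

        // The stored value is the encrypted form, so the user's input is encrypted the same way
        // (keyed by phone number) before comparing. string.Equals(string, string) is ordinal.
        bool matches = !string.IsNullOrEmpty(verificationCode)
            && string.Equals(encryptVerificationCode(verificationCode, principleInfo.PhoneNumber), mfa.VerificationCode);

        if (!matches)
        {
            usr.MFATryCount++;
            if (usr.MFATryCount >= PxConfigurationManager.PxConfig.Authentication.Policy.MaxFailedMFAAttemptCount)
            {
                usr.MFATryCount = 0;
                usr.PasswordState = PasswordState.Blocked;
                dbContext.SaveChanges();
                throw AuthExceptions.MFAUserBlocked();
            }

            dbContext.SaveChanges();
            throw AuthExceptions.MFAAuthenticationFailed();
        }

        // Consume the code: the lookup above filters on !IsUsed, so without this a correct code
        // could be presented again for the rest of its validity window.
        mfa.IsUsed = true;
        usr.MFATryCount = 0;
        dbContext.SaveChanges();
    }

    principleInfo.Authentication.IsMFAAuthenticationCompleted = true;
    PxSession session = PxSession.Get();
    session.Principal = principleInfo;
    PxSession.Save(session);
}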