/// <summary>
/// Begins two-factor enrolment for the signed-in account: creates a candidate secret,
/// keeps it in the session until the user proves possession of it, and passes the
/// QR image and manual key to the view.
/// </summary>
/// <returns>
/// The setup view, or a redirect to Home/Account when the account row is missing or
/// two-factor authentication is already enabled.
/// </returns>
public ActionResult EnableTwoFactorAuthentication()
        {
            Guid currentGuid = Guid.Parse(this.CurrentUser.AccountName);
            OnionWalletEntities db = new OnionWalletEntities();
            OnionUser account = db.OnionUsers.FirstOrDefault(x => x.GUID == currentGuid);

            // Guard: the authenticated identity no longer maps to a stored account.
            if (account == null)
            {
                TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"].ToString() + ".";
                return RedirectToAction("Account", "Home");
            }

            // Guard: never hand out a second secret while one is already active.
            if (account.TwoFactorGUID.HasValue)
            {
                TempData["ErrorMessage"] = "Two Factor Authentication already enabled!";
                return RedirectToAction("Account", "Home");
            }

            // NOTE(review): the TOTP shared secret is the string form of Guid.NewGuid().
            // Guid.NewGuid() is an identifier generator, not a documented source of
            // cryptographic secrets; a RandomNumberGenerator-derived secret would be the
            // safer choice, but that also changes what Session["secret"] and
            // OnionUser.TwoFactorGUID store, so it needs a schema decision.
            Guid pendingSecret = Guid.NewGuid();
            Session["secret"] = pendingSecret;

            TwoFactorAuthenticator authenticator = new TwoFactorAuthenticator();
            string issuer = ConfigurationManager.AppSettings["SiteName"].ToString();
            var setup = authenticator.GenerateSetupCode(issuer, account.Email, pendingSecret.ToString(), 300, 300);

            // NOTE(review): if QrCodeSetupImageUrl points at a remote chart service, the
            // secret is embedded in a URL fetched from a third party - confirm against
            // the authenticator library version in use.
            ViewBag.KeyImage = setup.QrCodeSetupImageUrl;
            ViewBag.KeyText  = setup.ManualEntryKey;

            return View();
        }
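        /// <summary>
        /// Records the visit in the background and issues the application cookie for
        /// <paramref name="user"/>.
        /// </summary>
        /// <param name="user">The account that has already passed password (and, if enabled, 2FA) checks.</param>
        /// <returns>Always <c>true</c>; callers treat it as "sign-in completed".</returns>
        private bool SignIn(OnionUser user)
        {
            // Read everything the logger needs while still on the request thread. The
            // request object is not guaranteed to be usable once the request has ended,
            // and the worker below may run after that point.
            bool   logIpAddress = user.DoLogIpAddresses;
            string clientIp     = logIpAddress ? Request.UserHostAddress : null;
            var    onionUserId  = user.OnionUserID;

            new Thread(() =>
            {
                // An exception escaping a raw thread takes the whole worker process
                // down, so a failed audit write must be contained here.
                try
                {
                    OnionWalletEntities threadEntities = new OnionWalletEntities();
                    VisitorLog logEntry = new VisitorLog();

                    // The address is stored only when the user opted in.
                    if (logIpAddress)
                    {
                        logEntry.IpAddress = clientIp;
                    }

                    logEntry.CreateDate  = DateTime.Now;
                    logEntry.OnionUserID = onionUserId;
                    threadEntities.VisitorLogs.Add(logEntry);
                    threadEntities.SaveChanges();
                }
                catch (Exception ex)
                {
                    // Best effort: the login itself must not depend on the visitor log,
                    // but the failure should still be visible to operators.
                    System.Diagnostics.Trace.TraceError("Visitor log write failed: " + ex.Message);
                }
            }).Start();

            var identity = new ClaimsIdentity(new[] {
                new Claim(ClaimTypes.NameIdentifier, user.GUID.ToString()),
                new Claim("AccountName", user.GUID.ToString()),
                new Claim("Email", user.Email),
                new Claim("OnionAddress", user.OnionAddress)
            },
                                              "ApplicationCookie");

            var ctx         = Request.GetOwinContext();
            var authManager = ctx.Authentication;

            authManager.SignIn(identity);

            return(true);
        }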
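        /// <summary>
        /// Persists an error-level entry in the Logs table.
        /// </summary>
        /// <param name="message">
        /// Text to store with the entry. It is written verbatim, so callers should not
        /// pass passwords, 2FA secrets or other credentials.
        /// </param>
        public static void Error(string message)
        {
            OnionWalletEntities entities = new OnionWalletEntities();

            Log log = new Log();

            log.CreateDate = DateTime.Now;
            log.Level      = 3;
            log.Type       = (int)LogTypeEnum.Error;
            // Previously the parameter was accepted but never stored, so every entry
            // written through this helper had no message.
            log.Message    = message;

            entities.Logs.Add(log);
            entities.SaveChanges();
        }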
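        /// <summary>
        /// Application-wide fallback for unhandled errors: records the failure in the
        /// Logs table and redirects to the matching error page.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_Error(object sender, EventArgs e)
        {
            Exception exception = Server.GetLastError();

            Server.ClearError();

            UrlHelper url = new UrlHelper(HttpContext.Current.Request.RequestContext);

            try
            {
                // Route values can be absent (for example when no route matched), so
                // they are converted null-safely instead of calling ToString() on them.
                var    routeValues = Context.Request.RequestContext.RouteData.Values;
                string controller  = Convert.ToString(routeValues["controller"]);
                string action      = Convert.ToString(routeValues["action"]);

                OnionWalletEntities entities = new OnionWalletEntities();
                Log log = new Log();
                log.CreateDate = DateTime.Now;
                log.Level      = 3;
                log.Type       = 1;
                log.Message    = ((exception != null) ? exception.Message : "Hmmm!?") +
                                 Environment.NewLine + Environment.NewLine +
                                 controller + "/" + action;

                entities.Logs.Add(log);
                // The entry was previously added but never saved, so nothing reached
                // the database.
                entities.SaveChanges();
            }
            catch (Exception logFailure)
            {
                // Logging is best effort and must not block the redirect, but a silent
                // failure would hide both the original error and the logging problem.
                System.Diagnostics.Trace.TraceError("Application_Error could not write the log entry: " + logFailure.Message);
            }

            if (exception == null)
            {
                Response.Redirect(url.Action("Index", "Error"));
                return;
            }

            // Not every unhandled exception is an HttpException; a hard cast would throw
            // InvalidCastException from inside the error handler. Anything that is not an
            // HttpException is treated as a server error (500).
            HttpException httpException = exception as HttpException;
            int statusCode = (httpException != null) ? httpException.GetHttpCode() : 500;

            if (statusCode == 404)
            {
                Response.Redirect(url.Action("Error404", "Error"));
            }
            else if (statusCode == 500)
            {
                Response.Redirect(url.Action("Error500", "Error"));
            }
            else
            {
                Response.Redirect(url.Action("Index", "Error"));
            }
        }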
        /// <summary>
        /// Saves the signed-in user's preference for recording IP addresses in the
        /// visitor log.
        /// </summary>
        /// <param name="value">Form value; the literal "on" enables logging, anything else disables it.</param>
        /// <returns>A redirect to Home/Account with a success or error message in TempData.</returns>
        public ActionResult StoreIP(string value)
        {
            // NOTE(review): this action changes account state; no attributes are visible
            // in this listing, so confirm it is POST-only and anti-forgery protected.
            Guid currentGuid = Guid.Parse(this.CurrentUser.AccountName);
            OnionWalletEntities db = new OnionWalletEntities();
            OnionUser account = db.OnionUsers.FirstOrDefault(x => x.GUID == currentGuid);

            if (account != null)
            {
                bool enableIpLogging = (value == "on");

                account.DoLogIpAddresses = enableIpLogging;
                db.SaveChanges();
                TempData["SuccessMessage"] = "Log IP settings updated.";
            }
            else
            {
                TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"].ToString() + ".";
            }

            return RedirectToAction("Account", "Home");
        }
        /// <summary>
        /// Removes the stored two-factor secret from the signed-in account.
        /// </summary>
        /// <returns>A redirect to Home/Account with a success or error message in TempData.</returns>
        public ActionResult DisableTwoFactorAuthentication()
        {
            // NOTE(review): the second factor is removed on the strength of the session
            // alone - no password or current TOTP code is requested here. Requiring one
            // of them would keep a borrowed or stolen session from downgrading the
            // account; that needs an extra parameter, so it is flagged rather than done.
            // Also confirm the action is POST-only and anti-forgery protected (no
            // attributes are visible in this listing).
            Guid currentGuid = Guid.Parse(this.CurrentUser.AccountName);
            OnionWalletEntities db = new OnionWalletEntities();
            OnionUser account = db.OnionUsers.FirstOrDefault(x => x.GUID == currentGuid);

            if (account != null)
            {
                account.TwoFactorGUID = null;
                db.SaveChanges();
                TempData["SuccessMessage"] = "Two Factor Authentication is disabled.";
            }
            else
            {
                TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"].ToString() + ".";
            }

            return RedirectToAction("Account", "Home");
        }
        /// <summary>
        /// Authenticates a user by email and password, then by TOTP code when the account
        /// has two-factor authentication enabled, and signs the user in.
        /// </summary>
        /// <param name="data">Posted login form (email, password, optional 2FA code, return URL).</param>
        /// <returns>
        /// The login view when model validation fails, a redirect to the return URL on
        /// success, otherwise a redirect to Index with an error message in TempData.
        /// </returns>
        public ActionResult Login(IndexModel data)
        {
            if (!ModelState.IsValid)
            {
                return View();
            }

            // NOTE(review): no attempt counting, lockout or delay is visible in this
            // method; confirm throttling exists elsewhere, since both the password and
            // the 6-digit code are guessable without it.
            OnionWalletEntities db = new OnionWalletEntities();
            OnionUser account = db.OnionUsers.FirstOrDefault(x => x.Email == data.LoginEmail);

            // Null while every check so far has passed; otherwise the message to show.
            string failure = null;

            if (account == null || !account.CheckPassword(data.LoginPassword))
            {
                failure = "Invalid email or password";
            }
            else if (!account.IsEmailConfirmed)
            {
                failure = "Please confirm email before login.";
            }
            else if (account.TwoFactorGUID.HasValue)
            {
                // NOTE(review): this message is reachable only with a correct password,
                // so it confirms the password to whoever submitted it. Accepted codes
                // are not remembered here either, so a code can be reused while it is
                // still inside the validator's time window.
                TwoFactorAuthenticator authenticator = new TwoFactorAuthenticator();
                string submittedCode = data.TwoFactorAuthentication;
                bool codeAccepted = !string.IsNullOrEmpty(submittedCode) &&
                                    authenticator.ValidateTwoFactorPIN(account.TwoFactorGUID.ToString(), submittedCode.Replace(" ", ""));

                if (!codeAccepted)
                {
                    failure = "2FA Code not correct.";
                }
            }

            if (failure == null && SignIn(account))
            {
                // NOTE(review): whether ReturnUrl is restricted to local URLs depends on
                // GetRedirectUrl, which is not shown here - verify.
                return Redirect(GetRedirectUrl(data.ReturnUrl));
            }

            // Normal failed-login path (also the fallback should SignIn report failure).
            TempData["ErrorMessage"] = failure ?? "Invalid email or password";
            TempData["LoginEmail"]   = data.LoginEmail;
            return RedirectToAction("Index");
        }
        /// <summary>
        /// Marks the account that owns the given confirmation token as email-confirmed.
        /// </summary>
        /// <param name="guid">Confirmation token from the emailed link; nothing happens when it is absent.</param>
        /// <returns>A redirect to Index, with a success or error message when a token was supplied.</returns>
        public ActionResult MailConfirmation(Guid? guid)
        {
            if (!guid.HasValue)
            {
                return RedirectToAction("Index");
            }

            // NOTE(review): the token is neither cleared after use nor checked against
            // an expiry in this method, so the same link keeps matching the account.
            Guid token = guid.Value;
            OnionWalletEntities db = new OnionWalletEntities();
            OnionUser match = db.OnionUsers.FirstOrDefault(x => x.EmailConfirmationGUID == token);

            if (match == null)
            {
                TempData["ErrorMessage"] = "Account not found!";
            }
            else
            {
                match.IsEmailConfirmed = true;
                db.SaveChanges();
                TempData["SuccessMessage"] = "Email confirmed, enjoy the party!";
            }

            return RedirectToAction("Index");
        }
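        /// <summary>
        /// Fills this model from the stored account identified by <paramref name="accountName"/>,
        /// including the 20 most recent visitor-log entries.
        /// </summary>
        /// <param name="accountName">The account's GUID.</param>
        /// <returns><c>true</c> when the account exists and the model was populated; otherwise <c>false</c>.</returns>
        public bool Load(Guid accountName)
        {
            OnionWalletEntities entities = new OnionWalletEntities();
            OnionUser           user     = entities.OnionUsers.FirstOrDefault(x => x.GUID == accountName);

            if (user == null)
            {
                return(false);
            }

            // NOTE(review): PasswordRecovery carries the account's RecoveryGUID; confirm
            // the view does not render it where it could be cached or leaked.
            this.PasswordRecovery = user.RecoveryGUID;
            this.Email            = user.Email;
            this.DoLogIpAddresses = user.DoLogIpAddresses;
            this.SignupDate       = user.CreateDate;
            this.TwoFactorGUID    = user.TwoFactorGUID;

            var recentVisits = entities.VisitorLogs
                                       .Where(x => x.OnionUserID == user.OnionUserID)
                                       .OrderByDescending(x => x.CreateDate)
                                       .Take(20)
                                       .ToList();

            // Two visits stored with the same timestamp would make a plain ToDictionary
            // throw on the duplicate key and break the account page; keep one entry per
            // timestamp instead.
            this.LastLogins = recentVisits.GroupBy(x => x.CreateDate)
                                          .ToDictionary(g => g.Key, g => g.First().IpAddress);

            return(true);
        }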
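        /// <summary>
        /// Completes two-factor enrolment: checks the submitted code against the pending
        /// secret held in the session and, when it matches, stores that secret on the
        /// account.
        /// </summary>
        /// <param name="code">TOTP code typed by the user; spaces are ignored.</param>
        /// <returns>A redirect to Home/Account with a success or error message in TempData.</returns>
        public ActionResult EnableTwoFactorAuthentication(string code)
        {
            Guid   secret         = Guid.Empty;
            object pendingSecret  = Session["secret"];
            bool   generalFailure = false;

            // A missing or unreadable pending secret is reported to the user; the
            // unreadable case used to fall through without any message.
            if (pendingSecret == null || !Guid.TryParse(pendingSecret.ToString(), out secret))
            {
                generalFailure = true;
            }
            else
            {
                Guid accountGuid             = Guid.Parse(this.CurrentUser.AccountName);
                OnionWalletEntities entities = new OnionWalletEntities();
                OnionUser           user     = entities.OnionUsers.FirstOrDefault(x => x.GUID == accountGuid);

                if (user == null || string.IsNullOrEmpty(code))
                {
                    generalFailure = true;
                }
                else if (user.TwoFactorGUID.HasValue)
                {
                    // Same rule as the setup page: an active secret is never replaced
                    // from a pending one left over in the session.
                    Session.Remove("secret");
                    TempData["ErrorMessage"] = "Two Factor Authentication already enabled!";
                }
                else
                {
                    TwoFactorAuthenticator tfa = new TwoFactorAuthenticator();
                    if (tfa.ValidateTwoFactorPIN(secret.ToString(), code.Replace(" ", "")))
                    {
                        user.TwoFactorGUID = secret;
                        entities.SaveChanges();
                        // The secret now lives on the account; do not keep a second copy
                        // in session state.
                        Session.Remove("secret");
                        TempData["SuccessMessage"] = "Two Factor Authentication enabled.";
                    }
                    else
                    {
                        TempData["ErrorMessage"] = "Wrong code. Authentication failed.";
                    }
                }
            }

            if (generalFailure)
            {
                TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"].ToString() + ".";
            }

            return(RedirectToAction("Account", "Home"));
        }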
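        /// <summary>
        /// Changes the signed-in user's password after verifying the current one.
        /// </summary>
        /// <param name="currentpassword">The password currently set on the account.</param>
        /// <param name="newpassword">The desired new password.</param>
        /// <param name="retypedpassword">Repeat of <paramref name="newpassword"/>; must match it.</param>
        /// <returns>A redirect to Home/Account with a success or error message in TempData.</returns>
        public ActionResult ChangePassword(string currentpassword, string newpassword, string retypedpassword)
        {
            // All three fields are required. The original tested currentpassword three
            // times, so an empty new password (matching an empty retype) reached
            // SetPassword.
            if (string.IsNullOrEmpty(currentpassword) || string.IsNullOrEmpty(newpassword) || string.IsNullOrEmpty(retypedpassword))
            {
                TempData["ErrorMessage"] = "All password fields must be filled to change the password.";
                return(RedirectToAction("Account", "Home"));
            }

            Guid accountGuid             = Guid.Parse(this.CurrentUser.AccountName);
            OnionWalletEntities entities = new OnionWalletEntities();
            OnionUser           user     = entities.OnionUsers.FirstOrDefault(x => x.GUID == accountGuid);

            if (user == null)
            {
                TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"].ToString() + ".";
            }
            else if (!user.CheckPassword(currentpassword))
            {
                // NOTE(review): no attempt limiting is visible here; confirm repeated
                // wrong guesses of the current password are throttled elsewhere.
                TempData["ErrorMessage"] = "Current password does not match.";
            }
            else if (newpassword != retypedpassword)
            {
                TempData["ErrorMessage"] = "New passwords are not the same.";
            }
            else
            {
                // NOTE(review): password strength rules, if any, live in SetPassword or
                // the form model - neither is shown here.
                user.SetPassword(newpassword);
                entities.SaveChanges();
                TempData["SuccessMessage"] = "Password updated.";
            }

            return(RedirectToAction("Account", "Home"));
        }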
        /// <summary>
        /// Creates a new account from the registration form, then starts two background
        /// threads: one to create the wallet address, one to send the confirmation email.
        /// </summary>
        /// <param name="data">Posted registration form (email, password and repeat, TOS and mailing flags).</param>
        /// <returns>
        /// The form view when model validation fails; otherwise a redirect to Index with
        /// a success or error message in TempData.
        /// </returns>
        public ActionResult Register(IndexModel data)
        {
            if (!ModelState.IsValid)
            {
                return(View(data));
            }

            if (data.RegisterPassword != data.RegisterRepeatPassword)
            {
                TempData["ErrorMessage"]  = "Passwords do not match.";
                TempData["RegisterEmail"] = data.RegisterEmail;
                return(RedirectToAction("Index"));
            }

            if (!data.RegisterAcceptTOS)
            {
                TempData["ErrorMessage"]  = "Please accept terms of service.";
                TempData["RegisterEmail"] = data.RegisterEmail;
                return(RedirectToAction("Index"));
            }

            OnionWalletEntities entities = new OnionWalletEntities();

            // NOTE(review): the lookup uses the lower-cased address, but the address is
            // stored below exactly as typed. If the database compares case-sensitively,
            // the same mailbox could be registered twice with different casing - confirm
            // the column collation or normalise before storing.
            OnionUser existing = entities.OnionUsers.FirstOrDefault(x => x.Email == data.RegisterEmail.ToLower());

            if (existing != null)
            {
                // NOTE(review): this message tells any visitor whether an address already
                // has an account.
                TempData["ErrorMessage"]  = "Email already exists!";
                TempData["RegisterEmail"] = data.RegisterEmail;
                return(RedirectToAction("Index"));
            }

            OnionUser user = new OnionUser();

            // InitGUIDs is not shown here; presumably it assigns GUID and
            // EmailConfirmationGUID, both of which are read below - verify.
            user.InitGUIDs();

            user.Email = data.RegisterEmail;
            user.SetPassword(data.RegisterPassword);
            user.IsMailing    = data.RegisterIsMailing;
            // Placeholder value; the first background thread below overwrites it.
            user.OnionAddress = "gugus";
            user.IsActive     = true;
            user.CreateDate   = DateTime.Now;

            entities.OnionUsers.Add(user);
            entities.SaveChanges();

            string subject = "OnionWallet Email confirmation";
            string body    = "Hi" + Environment.NewLine + Environment.NewLine + "You have successfully created your Web OnionWallet on onionwallet.ch!" + Environment.NewLine + Environment.NewLine;

            body = body + "Please click the link below to activate your wallet:" + Environment.NewLine + Environment.NewLine;
            // The confirmation link is BaseURL + "/mailconfirmation/" + the account's confirmation GUID.
            body = body + ConfigurationManager.AppSettings["BaseURL"].ToString() + "/mailconfirmation/" + user.EmailConfirmationGUID.ToString() + Environment.NewLine + Environment.NewLine;
            body = body + "Thanks and enjoy the Onion Party!";

            // Background thread 1: create the wallet account and store its address.
            // It uses its own context and re-reads the user by GUID.
            new Thread(() =>
            {
                OnionWalletEntities threadEntities = new OnionWalletEntities();

                try
                {
                    // If no row is found, the assignment below throws and the catch
                    // block records the failure.
                    OnionUser threadUser = threadEntities.OnionUsers.FirstOrDefault(x => x.GUID == user.GUID);

                    OnionHandler onionHandler = new OnionHandler();
                    threadUser.OnionAddress   = onionHandler.CreateAccount(user.GUID.ToString());
                    threadEntities.SaveChanges();
                }
                catch (Exception ex)
                {
                    // Only ex.Message is kept; the stack trace and inner exceptions are dropped.
                    // NOTE(review): this handler is itself unguarded. If writing the log
                    // entry throws, the exception is unhandled on this thread, which
                    // terminates the process.
                    Log log        = new Log();
                    log.CreateDate = DateTime.Now;
                    log.Level      = 1;
                    log.Message    = ex.Message;
                    log.Type       = (int)LogTypeEnum.Error;
                    log.UserID     = 0;
                    threadEntities.Logs.Add(log);
                    threadEntities.SaveChanges();
                }
            }).Start();

            // Background thread 2: send the confirmation email; failures are logged the
            // same way as above (same caveat about the unguarded handler).
            new Thread(() =>
            {
                try
                {
                    GmailHandler.SendMail(user.Email, subject, body);
                }
                catch (Exception ex)
                {
                    OnionWalletEntities threadEntities = new OnionWalletEntities();
                    Log log        = new Log();
                    log.CreateDate = DateTime.Now;
                    log.Level      = 1;
                    log.Message    = ex.Message;
                    log.Type       = (int)LogTypeEnum.Error;
                    log.UserID     = 0;
                    threadEntities.Logs.Add(log);
                    threadEntities.SaveChanges();
                }
            }).Start();

            // The success message is set before either background task has finished, so
            // it does not reflect whether the wallet or the email actually succeeded.
            TempData["SuccessMessage"] = "Party ticket booked! Please click link in confirmation email and log in to access your wallet. Check your spam folder, if you can't find the email.";

            return(RedirectToAction("Index"));
        }