示例#1
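        /// <summary>
        /// Completes an SMS-code login from a device that is already registered to the user,
        /// after checking the Google Authenticator code and the stored "LoginBySMS" state.
        /// </summary>
        /// <param name="im">Login input; CountryId, Cellphone and GoogleCode are read here.</param>
        /// <param name="deviceNumber">Identifier of the device the request comes from.</param>
        /// <returns>The value returned by <c>IssueAccessToken</c> for the user.</returns>
        /// <exception cref="ApplicationException">
        /// The user has no registered device, or <paramref name="deviceNumber"/> is not one of them.
        /// </exception>
        public LoginOM ValidateAuthenticatorBySMSCode(ValidateLoginBySMSCodeIM im, string deviceNumber)
        {
            var user = CheckUser(im.CountryId, im.Cellphone);

            // NOTE(review): the original also computed whether the Google Authenticator flag is set
            // on the account (and created a LoginCellphoneVerifier) but never used either value;
            // the Google code below is verified unconditionally. Confirm that is intended.
            var knownDevices = new UserDeviceDAC().GetUserDeviceByAccountId(user.Id);

            // Both device checks previously built an ApplicationException without `throw`,
            // so an unknown device was never rejected. They now actually abort the login.
            if (!knownDevices.Any())
            {
                throw new ApplicationException();
            }
            if (knownDevices.All(item => item.DeviceNumber != deviceNumber))
            {
                throw new ApplicationException();
            }

            SecurityVerify.Verify(new GoogleVerifier(), SystemPlatform.FiiiPay, user.Id.ToString(), user.AuthSecretKey, im.GoogleCode);

            // The SMS step must already be recorded in the "LoginBySMS" model for this user.
            SecurityVerify.Verify<LoginBySMSVerify>(
                new CustomVerifier("LoginBySMS"),
                SystemPlatform.FiiiPay,
                user.Id.ToString(),
                model => model.CellphoneVerified);

            return IssueAccessToken(user);
        }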
示例#2
        /// <summary>
        /// Checks the code submitted for the current email address and, when it is accepted,
        /// issues a follow-up token code and redirects to the "ResetEmail" action.
        /// </summary>
        /// <param name="model">Posted form; Email and Code are read.</param>
        /// <returns>The same view with a model error on failure, otherwise a redirect.</returns>
        public ActionResult CheckEmail(ResetEmailOldViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            try
            {
                // The verification key is the email address with '@' replaced by '_'.
                SecurityVerify.Verify<ResetEmailOldVerification>(model.Email.Replace("@", "_"), null, model.Code);
            }
            catch (ApplicationException verifyError)
            {
                // ApplicationException messages are surfaced to the user as-is.
                ModelState.AddModelError("", verifyError.Message);
                return View(model);
            }
            catch (Exception)
            {
                // Anything else is reported with the generic resource text only.
                ModelState.AddModelError("", GeneralResource.SaveFailed);
                return View(model);
            }

            var issuedCode = SecurityVerify.SendCode<ResetEmailOldTokenVerification>(model.Email.Replace("@", "_"), model.Email);
            var ticks = Encrypts.GenerateTicksInTenTime();

            // The redirect carries a URL-encoded hash of (code + ticks), not the code itself.
            var hashed = PasswordHasher.HashPassword(issuedCode + ticks);
            var token = HttpUtility.UrlEncode(hashed);

            return RedirectToAction("ResetEmail", new { token });
        }
示例#3
        /// <summary>
        /// Verifies a PIN against the one stored for the account on the FiiiShop platform.
        /// </summary>
        /// <param name="accountId">Account whose stored PIN is loaded.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        /// <returns>Always <c>true</c> when the call returns normally.</returns>
        public bool CheckPin(Guid accountId, string pin)
        {
            var accounts = new UserAccountDAC();
            var account = accounts.GetById(accountId);

            // NOTE(review): `true` is returned unconditionally, so a wrong PIN can only be
            // signalled by Verify throwing — confirm that it does. The account is also
            // dereferenced without a null check.
            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiShop, accountId.ToString(), account.Pin, pin);

            return true;
        }
示例#4
        /// <summary>
        /// Changes a merchant's cellphone number once the "ModifyCellphone" verification model
        /// shows the PIN, new-cellphone and combined steps as passed.
        /// </summary>
        /// <param name="accountId">Merchant account to update.</param>
        /// <param name="cellphone">New cellphone number.</param>
        /// <exception cref="CommonException">The new number equals the current one (code 10000).</exception>
        public void ModifyCellphone(Guid accountId, string cellphone)
        {
            var accounts = new MerchantAccountDAC();
            var merchant = accounts.GetById(accountId);

            // All three recorded steps are required before anything is written.
            SecurityVerify.Verify<ModifyCellphoneVerify>(
                new CustomVerifier("ModifyCellphone"),
                SystemPlatform.FiiiPOS,
                merchant.Id.ToString(),
                state => state.PinVerified && state.NewCellphoneVerified && state.CombinedVerified);

            if (merchant.Cellphone == cellphone)
            {
                throw new CommonException(10000, Resources.新手机号码不能与原来的一致);
            }

            // Update the phone number on the account record, then on the merchant profile.
            // NOTE(review): no transaction is visible around the two writes — confirm how a
            // failure of the second one is handled.
            accounts.UpdateCellphone(accountId, cellphone);

            new MerchantProfileAgent().UpdateCellphone(new MerchantProfile
            {
                MerchantId = accountId,
                Cellphone = cellphone,
                Country = merchant.CountryId
            });
        }
示例#5
        /// <summary>
        /// Registers an account from the H5 page after the SMS code for the number is verified.
        /// </summary>
        /// <param name="im">Registration input: CountryId, Cellphone, SMSCode, Password, InviterCode.</param>
        /// <returns>The result of <c>Register</c>.</returns>
        /// <exception cref="CommonException">
        /// The number starts with 170/171, the inviter code is unknown, or the account is not available.
        /// </exception>
        public bool H5Register(H5RegisterIM im)
        {
            // Numbers with these two prefixes are rejected before any code is checked.
            var blockedPrefix = im.Cellphone.StartsWith("170") || im.Cellphone.StartsWith("171");
            if (blockedPrefix)
            {
                throw new CommonException(ReasonCode.PhoneNumber_Invalid, MessageResources.InvalidCellphone);
            }

            var smsVerifier = new RegisterCellphoneVerifier();
            var codeKey = $"{im.CountryId}:{im.Cellphone}";

            SecurityVerify.Verify(smsVerifier, SystemPlatform.FiiiPay, codeKey, im.SMSCode, true);

            var accounts = new UserAccountDAC();

            if (!IsNullOrEmpty(im.InviterCode) && !accounts.ExistInviterCode(im.InviterCode))
            {
                throw new CommonException(ReasonCode.INVITORCODE_NOT_EXISTS, MessageResources.InvalidInvitation);
            }
            if (!AccountUseable(im.CountryId, im.Cellphone))
            {
                throw new CommonException(ReasonCode.ACCOUNT_EXISTS, Format(MessageResources.AccountAlreadyExist, im.Cellphone));
            }

            var registered = Register(im.CountryId, im.Cellphone, im.Password, im.InviterCode);

            // The SMS code is only invalidated once registration has succeeded.
            if (registered)
            {
                SecurityVerify.InvalidateCode(smsVerifier, SystemPlatform.FiiiPay, codeKey);
            }

            return registered;
        }
示例#6
        /// <summary>
        /// Changes the signed-in account's password after the old password is verified.
        /// </summary>
        /// <param name="model">Posted form; OldPassword and NewPassword are read.</param>
        /// <returns>The same view, with a model error on failure or the success flags set.</returns>
        public async Task<ActionResult> ResetPsw(ResetPasswordViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var accounts = new AccountComponent();
            var current = await accounts.GetAccountByIdAsync(AccountInfo.Id);

            try
            {
                // The old password is checked against the stored value before any change.
                SecurityVerify.Verify<PasswordVerification>(current.Id.ToString(), current.Password, model.OldPassword);
            }
            catch (ApplicationException verifyError)
            {
                ModelState.AddModelError("", verifyError.Message);
                return View(model);
            }
            catch (Exception)
            {
                ModelState.AddModelError("", GeneralResource.SaveFailed);
                return View(model);
            }

            // Only the hash of the new password is handed to the account component.
            var newHash = PasswordHasher.HashPassword(model.NewPassword);
            await accounts.ResetPasswordAsync(current.Id, newHash);

            // NOTE(review): presumably clears the current login so the user must sign in again — confirm.
            EmptyLoginInfo();
            ViewBag.PasswordHasSet = "1";
            ViewBag.PageName = MerchantIndex.Pagename;

            return View(model);
        }
示例#7
        /// <summary>
        /// Stores a Google Authenticator secret for a merchant once the "BindGoogleAuth" model
        /// shows the PIN, Google and combined steps as passed.
        /// </summary>
        /// <param name="im">Input carrying the secret key to store.</param>
        /// <param name="merchantId">Merchant account to bind.</param>
        /// <exception cref="CommonException">No merchant exists for <paramref name="merchantId"/>.</exception>
        public void BindMerchantAccount(BindMerchantAuthIM im, Guid merchantId)
        {
            SecurityVerify.Verify<BindGoogleAuth>(
                new CustomVerifier("BindGoogleAuth"),
                SystemPlatform.FiiiPOS,
                merchantId.ToString(),
                state => state.PinVerified && state.GoogleVerified && state.CombinedVerified);

            var accounts = new MerchantAccountDAC();
            var account = accounts.GetById(merchantId);

            if (account == null)
            {
                throw new CommonException(ReasonCode.ACCOUNT_NOT_EXISTS, Resources.用户不存在);
            }

            // A secret already on file is simply replaced; the validation flag is left alone.
            if (!string.IsNullOrEmpty(account.AuthSecretKey))
            {
                accounts.SetAuthSecretById(account.Id, im.SecretKey);
                return;
            }

            // First binding: store the secret and switch the authenticator flag on together.
            var flagWithGoogle = ValidationFlagComponent.AddValidationFlag(account.ValidationFlag, ValidationFlag.GooogleAuthenticator);
            accounts.UpdateGoogleAuthencator(account.Id, im.SecretKey, flagWithGoogle);
        }
示例#8
        /// <summary>
        /// Verifies the user's PIN and records that step in the "UpdateEmail" verification model.
        /// </summary>
        /// <param name="user">Account whose stored PIN is compared.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyUpdateEmailPin(UserAccount user, string pin)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPay, key, user.Pin, pin);

            // NOTE(review): the loaded model is dereferenced without a null check — confirm
            // GetModel never returns null when the flow was not started.
            var progress = SecurityVerify.GetModel<UpdateEmailVerify>(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPay, key);
            progress.PinVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPay, key, progress);
        }
示例#9
        /// <summary>
        /// Verifies the code sent to the new email address (FiiiPOS) and records that step
        /// in the "UpdateEmail" verification model.
        /// </summary>
        /// <param name="accountId">Account the code was issued for.</param>
        /// <param name="code">Code supplied by the caller.</param>
        public void VerifyNewEmail(Guid accountId, string code)
        {
            var key = accountId.ToString();

            SecurityVerify.Verify(new UpdateEmailNewVerifier(), SystemPlatform.FiiiPOS, key, code);

            // Load the flow state, mark the new address as verified, and write it back.
            var progress = SecurityVerify.GetModel<FiiiPosUpdateEmailVerify>(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPOS, key);
            progress.NewEmailVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPOS, key, progress);
        }
示例#10
        /// <summary>
        /// Verifies the SMS code for a cellphone change and records that step in the
        /// "ModifyCellphone" verification model.
        /// </summary>
        /// <param name="accountId">Merchant account the code was issued for.</param>
        /// <param name="smsCode">SMS code supplied by the caller.</param>
        public void VerifyModifyCellphoneSMS(Guid accountId, string smsCode)
        {
            var key = accountId.ToString();

            SecurityVerify.Verify(new ModifyCellphoneVerifier(), SystemPlatform.FiiiPOS, key, smsCode, true);

            // Load the flow state, mark the new number as verified, and write it back.
            var progress = SecurityVerify.GetModel<ModifyCellphoneVerify>(new CustomVerifier("ModifyCellphone"), SystemPlatform.FiiiPOS, key);
            progress.NewCellphoneVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("ModifyCellphone"), SystemPlatform.FiiiPOS, key, progress);
        }
示例#11
        /// <summary>
        /// Verifies the code sent to the new email address (FiiiPay) and records that step
        /// in the "UpdateEmail" verification model.
        /// </summary>
        /// <param name="user">Account the code was issued for.</param>
        /// <param name="email">New email address; not read by this method.</param>
        /// <param name="code">Code supplied by the caller.</param>
        public void VerifyNewEmail(UserAccount user, string email, string code)
        {
            var key = user.Id.ToString();

            // NOTE(review): the code is checked against the user id only; `email` is unused here,
            // so binding the code to that specific address must happen elsewhere — confirm.
            SecurityVerify.Verify(new UpdateEmailNewVerifier(), SystemPlatform.FiiiPay, key, code);

            var progress = SecurityVerify.GetModel<UpdateEmailVerify>(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPay, key);
            progress.NewEmailVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("UpdateEmail"), SystemPlatform.FiiiPay, key, progress);
        }
示例#12
        /// <summary>
        /// Verifies a Google Authenticator code against the supplied secret and records that
        /// step in the "BindGoogleAuth" verification model.
        /// </summary>
        /// <param name="accountId">Merchant account being bound.</param>
        /// <param name="secretKey">Secret the code is checked against; supplied by the caller.</param>
        /// <param name="code">Authenticator code supplied by the caller.</param>
        public void VerifyBindGoogleAuth(Guid accountId, string secretKey, string code)
        {
            var key = accountId.ToString();

            SecurityVerify.Verify(new GoogleVerifier(), SystemPlatform.FiiiPOS, key, secretKey, code);

            // Load the flow state, mark the Google step as passed, and write it back.
            var progress = SecurityVerify.GetModel<BindGoogleAuth>(new CustomVerifier("BindGoogleAuth"), SystemPlatform.FiiiPOS, key);
            progress.GoogleVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("BindGoogleAuth"), SystemPlatform.FiiiPOS, key, progress);
        }
示例#13
        /// <summary>
        /// Logs a user in from a device that is not yet registered: re-checks the credentials,
        /// then requires each extra factor the account has (identity document number when L1 is
        /// certified, PIN when one is set, Google code when that flag is on), records the device
        /// and issues an access token.
        /// </summary>
        /// <param name="im">Login input: CountryId, Cellphone, Password, IdentityDocNo, Pin, GoogleCode.</param>
        /// <param name="deviceNumber">Identifier of the new device, stored on success.</param>
        /// <returns>The value returned by <c>IssueAccessToken</c> for the user.</returns>
        public LoginOM NewDeviceLogin(NewDeviceLoginIM im, string deviceNumber)
        {
            var user           = CheckUser(im.CountryId, im.Cellphone, im.Password);
            var customVerifier = new CustomVerifier("NewDeviceLogin");

            // A fresh model is stored under the verifier key before the callback below is run.
            SecurityVerify.SetModel(customVerifier, SystemPlatform.FiiiPay, user.Id.ToString(), new NewDeviceLogin());

            SecurityVerify.Verify <NewDeviceLogin>(customVerifier, SystemPlatform.FiiiPay, user.Id.ToString(), (m) =>
            {
                // `result && ...` short-circuits: once one factor fails, later factors are not evaluated.
                bool result = true;
                if (user.L1VerifyStatus == VerifyStatus.Certified)
                {
                    var identityNo = new UserProfileComponent().PreVerifyLv1(user).IdentityDocNo;
                    result         = result && new IDNumberVerifier().Verify(SystemPlatform.FiiiPay, user.Id.ToString(), identityNo, im.IdentityDocNo);
                    if (!result)
                    {
                        // Passes (limit - errors so far - 1) to VerifyFaild.
                        // NOTE(review): presumably the remaining attempts, and presumably VerifyFaild throws — confirm.
                        var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString());
                        var errorCount    = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey);
                        new IDNumberVerifier().VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1);
                    }
                }
                if (!string.IsNullOrEmpty(user.Pin))
                {
                    // NOTE(review): the submitted PIN is decrypted with AES128.DefaultKey. If that key is a
                    // constant shared with clients it only obscures the PIN; confidentiality then rests on
                    // the transport — confirm.
                    result = result && new PinVerifier().Verify(SystemPlatform.FiiiPay, user.Id.ToString(), user.Pin, AES128.Decrypt(im.Pin, AES128.DefaultKey));
                    if (!result)
                    {
                        // Also reached when an earlier factor failed and its VerifyFaild returned normally.
                        var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString());
                        var errorCount    = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey);
                        new PinVerifier().VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1);
                    }
                }
                if (SecurityVerify.CheckSecurityOpened(user.ValidationFlag, ValidationFlag.GooogleAuthenticator))
                {
                    var googleVerifier = new GoogleVerifier();
                    // An empty code fails the factor; the two checks below are then skipped by short-circuit.
                    if (string.IsNullOrEmpty(im.GoogleCode))
                    {
                        result = false;
                    }
                    result = result && SecurityVerify.CheckCodeValid(googleVerifier, SystemPlatform.FiiiPay, user.Id.ToString(), im.GoogleCode);
                    result = result && googleVerifier.Verify(user.AuthSecretKey, im.GoogleCode);
                    if (!result)
                    {
                        var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString());
                        var errorCount    = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey);
                        googleVerifier.VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1);
                    }
                }

                return(result);
            });

            // NOTE(review): the device is registered unconditionally once Verify returns, so this relies on
            // Verify throwing when the callback yields false — confirm.
            new UserDeviceDAC().Insert(new UserDevice()
            {
                DeviceNumber = deviceNumber, Name = " ", UserAccountId = user.Id, LastActiveTime = DateTime.UtcNow
            });

            return(IssueAccessToken(user));
        }
        /// <summary>
        /// Verifies a Google Authenticator code against the user's stored secret and stores an
        /// "OpenGoogleAuth" model with the Google step marked as passed.
        /// </summary>
        /// <param name="user">Account whose stored secret is used.</param>
        /// <param name="code">Authenticator code supplied by the caller.</param>
        public void VerifyOpenGoogleAuth(UserAccount user, string code)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new GoogleVerifier(), SystemPlatform.FiiiPay, key, user.AuthSecretKey, code);

            // A new model is written rather than an existing one being loaded and updated.
            var progress = new OpenGoogleAuth { GoogleVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("OpenGoogleAuth"), SystemPlatform.FiiiPay, key, progress);
        }
示例#15
        /// <summary>
        /// Verifies the code sent to the new cellphone number and records that step in the
        /// "UpdateCellphone" verification model.
        /// </summary>
        /// <param name="user">Account the code was issued for.</param>
        /// <param name="im">Input carrying the submitted code.</param>
        public void VerifyUpdateCellphoneNewCode(UserAccount user, VerifyUpdateCellphoneNewCodeIM im)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new UpdateCellphoneNewVerifier(), SystemPlatform.FiiiPay, key, im.Code);

            // Load the flow state, mark the new number as verified, and write it back.
            var progress = SecurityVerify.GetModel<UpdateCellphoneVerify>(new CustomVerifier("UpdateCellphone"), SystemPlatform.FiiiPay, key);
            progress.NewCellphoneVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("UpdateCellphone"), SystemPlatform.FiiiPay, key, progress);
        }
示例#16
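        /// <summary>
        /// Replaces the signed-in account's email address after checking the token issued for the
        /// old address and the code sent to the new address.
        /// </summary>
        /// <param name="model">Posted form; Email, Token and Code are read.</param>
        /// <returns>The same view with a model error on failure, otherwise a redirect to Merchant/Index.</returns>
        public async Task <ActionResult> ResetEmail(ResetEmailNewViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View(model));
            }
            var account = await new AccountComponent().GetAccountByIdAsync(AccountInfo.Id);

            if (model.Email.Equals(account.Email, StringComparison.CurrentCultureIgnoreCase))
            {
                ModelState.AddModelError("", AccountResetEmail.EmailSameAsOriginal);
                // Fix: the original added the error but kept going, so an unchanged address was
                // still verified, written back, and the error lost on the final redirect.
                return(View(model));
            }
            try
            {
                // The old-address token is checked with the final argument `false`; its key is only
                // deleted further down, after every other check has passed.
                var token = HttpUtility.UrlDecode(model.Token);
                SecurityVerify.Verify <ResetEmailOldTokenVerification>(account.Email.Replace("@", "_"), null, token, false);
            }
            catch (ApplicationException ex)
            {
                ModelState.AddModelError("", ex.Message);
                return(View(model));
            }
            catch (Exception)
            {
                // Unexpected failures are reported with the generic resource text only.
                ModelState.AddModelError("", GeneralResource.SaveFailed);
                return(View(model));
            }
            try
            {
                // Code sent to the new address, keyed by that address with '@' replaced by '_'.
                SecurityVerify.Verify <ResetEmailNewVerification>(model.Email.Replace("@", "_"), null, model.Code);
            }
            catch (ApplicationException ex)
            {
                ModelState.AddModelError("", ex.Message);
                return(View(model));
            }
            catch (Exception)
            {
                ModelState.AddModelError("", GeneralResource.SaveFailed);
                return(View(model));
            }

            var emailExist = await new AccountComponent().CheckEmailBind(AccountInfo.Id, model.Email);

            if (emailExist)
            {
                ModelState.AddModelError("", AccountFirstSetting.EmailBindByOtherAccount);
                return(View(model));
            }

            // The old-address token key is removed just before the address is changed.
            SecurityVerify.DeleteCodeKey <ResetEmailOldTokenVerification>(account.Email.Replace("@", "_"));

            await new AccountComponent().ResetEmailAsync(account.Id, model.Email);

            return(RedirectToAction("Index", "Merchant", new { lang = CurrentLanguage }));
        }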
示例#17
        /// <summary>
        /// Verifies the forgot-password code for a phone number and stores a "ForgotPassword"
        /// model with the cellphone step marked as passed.
        /// </summary>
        /// <param name="countryId">Country part of the verification key.</param>
        /// <param name="cellphone">Cellphone part of the verification key.</param>
        /// <param name="code">Code supplied by the caller.</param>
        public void VerifyForgotPasswordCode(int countryId, string cellphone, string code)
        {
            // The same "countryId:cellphone" key is used for the code check and for the stored model.
            var key = $"{countryId}:{cellphone}";

            SecurityVerify.Verify(new ForgetPasswordCellphoneVerifier(), SystemPlatform.FiiiPay, key, code);

            var progress = new ResetPasswordVerify { CellphoneVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("ForgotPassword"), SystemPlatform.FiiiPay, key, progress);
        }
示例#18
        /// <summary>
        /// Verifies the merchant's PIN and records that step in the "SetEmail" verification model.
        /// </summary>
        /// <param name="accountId">Merchant account whose stored PIN is loaded.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifySetEmailPin(Guid accountId, string pin)
        {
            var merchant = new MerchantAccountDAC().GetById(accountId);
            var key = merchant.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPOS, key, merchant.PIN, pin);

            // Load the flow state, mark the PIN step as passed, and write it back.
            var progress = SecurityVerify.GetModel<FiiiPosSetEmailVerify>(new CustomVerifier("SetEmail"), SystemPlatform.FiiiPOS, key);
            progress.PinVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("SetEmail"), SystemPlatform.FiiiPOS, key, progress);
        }
        /// <summary>
        /// Verifies the FiiiPOS sign-up SMS code and stores a "FiiiPosSignUp" model with the
        /// cellphone step marked as passed.
        /// </summary>
        /// <param name="countryId">Country part of the verification keys.</param>
        /// <param name="cellphone">Cellphone part of the verification keys.</param>
        /// <param name="code">SMS code supplied by the caller.</param>
        public void VerificationSMSCode(int countryId, string cellphone, string code)
        {
            // NOTE(review): the code is checked under "countryId" + "cellphone" with no separator,
            // while the model is stored under "countryId:cellphone". Without a separator different
            // (countryId, cellphone) pairs can map to the same key — confirm this matches the
            // key used when the code was sent.
            var codeKey = $"{countryId}{cellphone}";
            var modelKey = $"{countryId}:{cellphone}";

            SecurityVerify.Verify(new FiiiPosRegisterVerifier(), SystemPlatform.FiiiPOS, codeKey, code);

            var progress = new FiiiPosSignUpVerify { CellphoneVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("FiiiPosSignUp"), SystemPlatform.FiiiPOS, modelKey, progress);
        }
示例#20
        /// <summary>
        /// Verifies the user's PIN and stores an "UpdateCellphone" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="user">Account whose stored PIN is compared.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyUpdateCellphonePin(UserAccount user, string pin)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPay, key, user.Pin, pin);

            // A new model is written here, so only the PIN flag is set in what gets stored.
            var progress = new UpdateCellphoneVerify { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("UpdateCellphone"), SystemPlatform.FiiiPay, key, progress);
        }
        /// <summary>
        /// Verifies the user's PIN and stores a "BindGoogleAuth" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="user">Account whose stored PIN is compared.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyBindPin(UserAccount user, string pin)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPay, key, user.Pin, pin);

            // A new model is written here, so only the PIN flag is set in what gets stored.
            var progress = new BindGoogleAuth { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("BindGoogleAuth"), SystemPlatform.FiiiPay, key, progress);
        }
示例#22
        /// <summary>
        /// Verifies a Google Authenticator code against the merchant's stored secret and stores
        /// an "OpenGoogleAuth" model with the Google step marked as passed.
        /// </summary>
        /// <param name="merchantId">Merchant account whose stored secret is loaded.</param>
        /// <param name="code">Authenticator code supplied by the caller.</param>
        public void VerifyOpenGoogleAuth(Guid merchantId, string code)
        {
            var account = new MerchantAccountDAC().GetById(merchantId);
            var key = account.Id.ToString();

            SecurityVerify.Verify(new GoogleVerifier(), SystemPlatform.FiiiPOS, key, account.AuthSecretKey, code);

            var progress = new OpenGoogleAuth { GoogleVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("OpenGoogleAuth"), SystemPlatform.FiiiPOS, key, progress);
        }
        /// <summary>
        /// Verifies a Google Authenticator code for the merchant with the given username and
        /// records that step in the "BindAccount" verification model.
        /// </summary>
        /// <param name="googleCode">Authenticator code supplied by the caller.</param>
        /// <param name="merchantAccount">Merchant username; also the key of the stored model.</param>
        public void VerifyGoogleAuthByMerchantAccount(string googleCode, string merchantAccount)
        {
            var accounts = new MerchantAccountDAC();
            var merchant = accounts.GetByUsername(merchantAccount);

            // NOTE(review): the lookup result is dereferenced without a null check — confirm how
            // an unknown username is reported to the caller.
            // The code check is keyed by the account id; the flow model by the username.
            SecurityVerify.Verify(new GoogleVerifier(), SystemPlatform.FiiiPOS, merchant.Id.ToString(), merchant.AuthSecretKey, googleCode);

            var progress = SecurityVerify.GetModel<BindAccountVerify>(new CustomVerifier("BindAccount"), SystemPlatform.FiiiPOS, merchantAccount);
            progress.GoogleVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("BindAccount"), SystemPlatform.FiiiPOS, merchantAccount, progress);
        }
示例#24
        /// <summary>
        /// Writes the email address held in the "SetEmail" verification model to the merchant
        /// account, provided the model shows the PIN and email steps as passed.
        /// </summary>
        /// <param name="accountId">Merchant account to update.</param>
        public void SetEmail(Guid accountId)
        {
            // Filled in by the callback from the stored model, not from caller input.
            string verifiedEmail = "";

            SecurityVerify.Verify<FiiiPosSetEmailVerify>(
                new CustomVerifier("SetEmail"),
                SystemPlatform.FiiiPOS,
                accountId.ToString(),
                state =>
                {
                    verifiedEmail = state.Email;
                    return state.PinVerified && state.EmailVerified;
                });

            new MerchantAccountDAC().UpdateEmail(accountId, verifiedEmail);
        }
示例#25
        /// <summary>
        /// Verifies the user's PIN and stores an "UpdatePassword" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="user">Account whose stored PIN is compared.</param>
        /// <param name="code">PIN supplied by the caller.</param>
        public void VerifyUpdatePasswordPin(UserAccount user, string code)
        {
            var key = user.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPay, key, user.Pin, code);

            var progress = new UpdatePasswordVerify { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("UpdatePassword"), SystemPlatform.FiiiPay, key, progress);
        }
        /// <summary>
        /// Verifies the PIN of the merchant with the given username and records that step in
        /// the "BindAccount" verification model.
        /// </summary>
        /// <param name="pin">PIN supplied by the caller.</param>
        /// <param name="merchantAccount">Merchant username; also the key of the stored model.</param>
        public void VerifyPINByMerchantAccount(string pin, string merchantAccount)
        {
            var accounts = new MerchantAccountDAC();
            var merchant = accounts.GetByUsername(merchantAccount);

            // NOTE(review): the lookup result is dereferenced without a null check — confirm how
            // an unknown username is reported to the caller.
            // The PIN check is keyed by the account id; the flow model by the username.
            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPOS, merchant.Id.ToString(), merchant.PIN, pin);

            var progress = SecurityVerify.GetModel<BindAccountVerify>(new CustomVerifier("BindAccount"), SystemPlatform.FiiiPOS, merchantAccount);
            progress.PinVerified = true;

            SecurityVerify.SetModel(new CustomVerifier("BindAccount"), SystemPlatform.FiiiPOS, merchantAccount, progress);
        }
示例#27
        /// <summary>
        /// Verifies the merchant's PIN and stores a "BindGoogleAuth" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="accountId">Merchant account whose stored PIN is loaded.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyBindPin(Guid accountId, string pin)
        {
            var account = new MerchantAccountDAC().GetById(accountId);
            var key = account.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPOS, key, account.PIN, pin);

            // A new model is written here, so only the PIN flag is set in what gets stored.
            var progress = new BindGoogleAuth { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("BindGoogleAuth"), SystemPlatform.FiiiPOS, key, progress);
        }
        /// <summary>
        /// Verifies the merchant's PIN and stores a "MerchantWithdraw" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="accountId">Merchant account whose stored PIN is loaded; also the key used.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyWithdrawPIN(Guid accountId, string pin)
        {
            var merchant = new MerchantAccountDAC().GetById(accountId);
            var key = accountId.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPOS, key, merchant.PIN, pin);

            var progress = new WithdrawVerify { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("MerchantWithdraw"), SystemPlatform.FiiiPOS, key, progress);
        }
        /// <summary>
        /// Verifies the merchant's PIN and stores an "UnBindAccount" model with the PIN step
        /// marked as passed.
        /// </summary>
        /// <param name="merchantId">Merchant account whose stored PIN is loaded.</param>
        /// <param name="pin">PIN supplied by the caller.</param>
        public void VerifyUnBindAccountPin(Guid merchantId, string pin)
        {
            var account = new MerchantAccountDAC().GetById(merchantId);
            var key = account.Id.ToString();

            SecurityVerify.Verify(new PinVerifier(), SystemPlatform.FiiiPOS, key, account.PIN, pin);

            var progress = new UnBindAccountVerify { PinVerified = true };

            SecurityVerify.SetModel(new CustomVerifier("UnBindAccount"), SystemPlatform.FiiiPOS, key, progress);
        }
        /// <summary>
        /// Removes the Google Authenticator flag from the user's validation flags once the
        /// "CloseGoogleAuth" model shows the PIN and combined steps as passed.
        /// </summary>
        /// <param name="user">Account whose validation flag is updated.</param>
        public void CloseUserAccount(UserAccount user)
        {
            // Despite the method name, only the authenticator flag is changed here.
            SecurityVerify.Verify<CloseGoogleAuth>(
                new CustomVerifier("CloseGoogleAuth"),
                SystemPlatform.FiiiPay,
                user.Id.ToString(),
                state => state.PinVerified && state.CombinedVerified);

            var accounts = new UserAccountDAC();
            var flagWithoutGoogle = ValidationFlagComponent.ReduceValidationFlag(user.ValidationFlag, ValidationFlag.GooogleAuthenticator);

            accounts.UpdateGoogleAuthencator(user.Id, flagWithoutGoogle);
        }