/// <summary>
/// Renders the second-factor prompt, carrying the caller's return URL and
/// "remember login" choice through to the form via the view model.
/// </summary>
/// <param name="returnUrl">URL to return to once sign-in completes. It is not validated here, only copied into the view model.</param>
/// <param name="rememberLogin">Whether the user asked for a persistent login.</param>
/// <returns>The view for this action, bound to the populated view model.</returns>
public IActionResult AdditionalAuthenticationFactor(string returnUrl, bool rememberLogin)
        {
            // returnUrl is request-supplied and round-tripped as-is; it must be
            // validated at the point where it is actually used for a redirect.
            var viewModel = new AdditionalAuthenticationFactorViewModel();
            viewModel.RememberLogin = rememberLogin;
            viewModel.ReturnUrl = returnUrl;

            return View(viewModel);
        }
示例#2
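        /// <summary>
        /// Processes the posted second-factor form. The partially authenticated
        /// identity is read from the temporary "idsrv.2FA" cookie, the submitted code
        /// is checked, and on success the real authentication cookie is issued and the
        /// temporary cookie is removed.
        /// </summary>
        /// <param name="model">Posted form values: the code, the return URL and the "remember login" flag.</param>
        /// <returns>
        /// The form view again when model validation or the code check fails; otherwise
        /// a redirect to the validated return URL, or to the application root.
        /// </returns>
        /// <exception cref="Exception">
        /// Thrown when the temporary 2FA cookie carries no principal, or when that
        /// principal's subject id does not resolve to a user.
        /// </exception>
        // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible
        // in this excerpt - confirm they are applied to this action.
        public async Task<IActionResult> AdditionalAuthenticationFactor(
            AdditionalAuthenticationFactorViewModel model)
        {
            if (!ModelState.IsValid)
            {
                // something went wrong, show an error
                return View(model);
            }

            // read identity from the temporary cookie
            var info = await HttpContext.Authentication.GetAuthenticateInfoAsync("idsrv.2FA");

            var tempUser = info?.Principal;
            if (tempUser == null)
            {
                throw new Exception("2FA error");
            }

            var user = _marvinUserRepository.GetUserBySubjectId(tempUser.GetSubjectId());
            if (user == null)
            {
                // Fail closed: without this guard an unknown subject id (presumably the
                // repository returns null for it - confirm) only surfaces later as a
                // NullReferenceException when the login event is built.
                throw new Exception("2FA error");
            }

            // SECURITY: "123" is a hard-coded placeholder, not a second factor. Every
            // account shares it and it never expires. Before real use, replace it with a
            // per-user, time-limited code checked with a constant-time comparison.
            // This path also has no attempt limit and raises no failure event, so repeated
            // guesses against the temporary cookie are neither throttled nor visible to
            // monitoring.
            if (model.Code != "123")
            {
                ModelState.AddModelError("code", "2FA code is invalid.");
                return View(model);
            }

            // login the user; a persistent cookie is issued only when both the server
            // option and the user's choice allow it
            AuthenticationProperties props = null;
            if (AccountOptions.AllowRememberLogin && model.RememberLogin)
            {
                props = new AuthenticationProperties
                {
                    IsPersistent = true,
                    ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
                };
            }

            // issue authentication cookie for user
            await _events.RaiseAsync(new UserLoginSuccessEvent(user.Username, user.SubjectId, user.Username));

            await HttpContext.Authentication.SignInAsync(user.SubjectId, user.Username, props);

            // delete temporary cookie used for 2FA
            await HttpContext.Authentication.SignOutAsync("idsrv.2FA");

            // Redirect only to a URL the interaction service accepts or that is local to
            // this application; any other value falls through to the application root.
            if (_interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl))
            {
                return Redirect(model.ReturnUrl);
            }

            return Redirect("~/");
        }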