/// <summary>
/// Shows the "Login" view with a fresh <c>LoginModel</c> and sets the session's
/// <c>tfa.authState</c> to 0.
/// </summary>
/// <param name="realm">Accepted from the request; not read by this overload.</param>
/// <param name="redirect_uri">Accepted from the request; not read by this overload.</param>
/// <param name="deflate">Accepted from the request; not read by this overload.</param>
/// <returns>The "Login" view, with the model's provider list populated.</returns>
/// <remarks>
/// NOTE(review): 0 is presumably the "no factor completed" state. Only
/// <c>tfa.authState</c> is reset here; any other <c>tfa.*</c> keys left by an earlier
/// attempt stay in the session. Confirm nothing downstream trusts them while the
/// state is 0.
/// </remarks>
public ActionResult SWT(string realm, string redirect_uri, string deflate)
{
    Session["tfa.authState"] = 0;

    var loginModel = new LoginModel { ProvidersList = GetProvidersList() };
    return View("Login", loginModel);
}
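/// <summary>
/// Password step of the SWT login. Validates <paramref name="wrap_name"/> and
/// <paramref name="wrap_password"/> against the <paramref name="sf_domain"/> provider,
/// records the pending login in the session, and sends the caller either to the
/// second-factor page (when the profile has an "AuthyId") or to the login URI.
/// </summary>
/// <param name="realm">Stored in the session as <c>tfa.realm</c>.</param>
/// <param name="redirect_uri">Stored in the session as <c>tfa.redirect_uri</c>.</param>
/// <param name="deflate">Stored in the session as <c>tfa.deflate</c>.</param>
/// <param name="wrap_name">User name; stored in the session as <c>tfa.wrap_name</c>.</param>
/// <param name="wrap_password">Password; only passed to <c>ValidateUser</c>, never stored.</param>
/// <param name="sf_domain">Membership provider name used for validation and user lookup.</param>
/// <param name="sf_persistent">Stored in the session as <c>tfa.sf_persistent</c>.</param>
/// <param name="is_form">"false" selects a JSON <c>{ url }</c> response; anything else an HTTP redirect.</param>
/// <returns>
/// A JSON or redirect result pointing at the next step on success; otherwise the
/// "Login" view with an "InvalidCredentials" model error.
/// </returns>
/// <remarks>
/// NOTE(review): <paramref name="realm"/> and <paramref name="redirect_uri"/> come from the
/// request and are stored as-is. Confirm that GetLoginUri validates them against the
/// registered relying parties before they influence where a token is sent.
/// NOTE(review): <paramref name="sf_domain"/> is not stored in the session. Confirm that
/// GetLoginUri resolves <c>tfa.wrap_name</c> in the same provider that validated the password.
/// </remarks>
public ActionResult SWT(string realm, string redirect_uri, string deflate, string wrap_name, string wrap_password, string sf_domain = "Default", string sf_persistent = "false", string is_form = "false")
{
    const string verifyUrl = "/TFA/Authenticate/Verify";

    // Every attempt starts from a clean slate, so a failed or partial attempt cannot
    // inherit the password-verified state or the Authy id of an earlier attempt
    // made in the same session.
    Session["tfa.authState"] = 0;
    Session.Remove("tfa.authyId");

    var um = new UserManager(sf_domain);
    if (um.ValidateUser(wrap_name, wrap_password))
    {
        // Look the account up through the provider that just validated the password.
        // Using the default manager here could read the second-factor enrollment of a
        // different account with the same user name in another provider.
        User user = um.GetUser(wrap_name);
        UserProfile profile = user != null
            ? UserProfileManager.GetManager().GetUserProfile<SitefinityProfile>(user)
            : null;

        // Fail closed: without a profile the enrollment status is unknown, so the
        // attempt is rejected below instead of dereferencing null or skipping the
        // second factor.
        if (profile != null)
        {
            // The session is marked as password-verified only once the account and
            // its profile have been resolved.
            Session["tfa.authState"] = 1;
            Session["tfa.realm"] = realm;
            Session["tfa.redirect_uri"] = redirect_uri;
            Session["tfa.deflate"] = deflate;
            Session["tfa.wrap_name"] = wrap_name;
            Session["tfa.sf_persistent"] = sf_persistent;

            string authyId = profile.GetValue<string>("AuthyId");
            bool useTwoFactor = !String.IsNullOrWhiteSpace(authyId);
            if (useTwoFactor)
            {
                Session["tfa.authyId"] = authyId;
            }

            // GetLoginUri is only evaluated when no second factor is required.
            string nextUrl = useTwoFactor ? verifyUrl : GetLoginUri();
            if (is_form == "false")
            {
                return Json(new { url = nextUrl });
            }

            return Redirect(nextUrl);
        }
    }

    // One generic message for every failure, so the response does not reveal which
    // check rejected the attempt.
    var model = new LoginModel();
    model.ProvidersList = GetProvidersList();
    ModelState.AddModelError("InvalidCredentials", "Incorrect Username/Password Combination");
    return View("Login", model);
}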
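/// <summary>
/// Second-factor step: checks the submitted Authy token for the id stored in the
/// session and, on success, redirects to the login URI.
/// </summary>
/// <param name="token">The one-time token entered by the user.</param>
/// <returns>
/// A redirect to "/" when the session is not in auth state 1 or holds no Authy id;
/// a redirect to the login URI when the token verifies; otherwise the "Verify" view
/// with an "InvalidToken" model error.
/// </returns>
/// <remarks>
/// NOTE(review): no attempt counter or lock-out is visible in this action. Confirm that
/// token guessing is throttled here or upstream.
/// NOTE(review): on success the session stays in state 1 and keeps <c>tfa.authyId</c>.
/// Confirm GetLoginUri (or its caller) clears the pending-login state so the step cannot
/// be replayed.
/// </remarks>
public ActionResult Verify(string token)
{
    if (!IsAuthState(1))
    {
        return Redirect("/");
    }

    // A password-verified session without an Authy id was never routed to this step
    // (the account has no second factor enrolled). Treat it like a wrong state rather
    // than failing with a null dereference.
    object storedAuthyId = Session["tfa.authyId"];
    if (storedAuthyId == null)
    {
        return Redirect("/");
    }

    bool verified = false;

    // An empty token can never be valid, so do not spend a provider call on it.
    if (!String.IsNullOrWhiteSpace(token))
    {
        TwoFactorAuthenticationConfig config = Config.Get<TwoFactorAuthenticationConfig>();
        var authy = new AuthyClient(config.ApiKey, test: false);
        VerifyTokenResult result = authy.VerifyToken(storedAuthyId.ToString(), token);
        verified = result.Success;
    }

    if (verified)
    {
        // NOTE(review): the original queried SecurityManager.GetLoggedInBackendUsers()
        // for tfa.wrap_name here but acted on the result with an empty block. The
        // no-op query was dropped; decide whether an already-logged-in user needs
        // handling before the redirect.
        return Redirect(GetLoginUri());
    }

    var model = new LoginModel();
    ModelState.AddModelError("InvalidToken", "Incorrect Token");
    return View("Verify", model);
}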