[2aea0fd] | 1 | // Licensed to the .NET Foundation under one or more agreements.
|
---|
| 2 | // The .NET Foundation licenses this file to you under the MIT license.
|
---|
| 3 | #nullable disable
|
---|
| 4 |
|
---|
| 5 | using System;
|
---|
| 6 | using System.ComponentModel.DataAnnotations;
|
---|
| 7 | using System.Threading.Tasks;
|
---|
| 8 | using Microsoft.AspNetCore.Authorization;
|
---|
| 9 | using Microsoft.AspNetCore.Mvc;
|
---|
| 10 | using Microsoft.AspNetCore.Mvc.RazorPages;
|
---|
| 11 | using Microsoft.Extensions.Logging;
|
---|
| 12 | using Microsoft.AspNetCore.Identity;
|
---|
| 13 | using Microsoft.Extensions.Logging;
|
---|
| 14 |
|
---|
| 15 | namespace PostgreSqlDotnetCore.Areas.Identity.Pages.Account
|
---|
| 16 | {
|
---|
| 17 | public class LoginWith2faModel : PageModel
|
---|
| 18 | {
|
---|
| 19 | private readonly SignInManager<IdentityUser> _signInManager;
|
---|
| 20 | private readonly UserManager<IdentityUser> _userManager;
|
---|
| 21 | private readonly ILogger<LoginWith2faModel> _logger;
|
---|
| 22 |
|
---|
| 23 | public LoginWith2faModel(
|
---|
| 24 | SignInManager<IdentityUser> signInManager,
|
---|
| 25 | UserManager<IdentityUser> userManager,
|
---|
| 26 | ILogger<LoginWith2faModel> logger)
|
---|
| 27 | {
|
---|
| 28 | _signInManager = signInManager;
|
---|
| 29 | _userManager = userManager;
|
---|
| 30 | _logger = logger;
|
---|
| 31 | }
|
---|
| 32 |
|
---|
| 33 | /// <summary>
|
---|
| 34 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 35 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 36 | /// </summary>
|
---|
| 37 | [BindProperty]
|
---|
| 38 | public InputModel Input { get; set; }
|
---|
| 39 |
|
---|
| 40 | /// <summary>
|
---|
| 41 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 42 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 43 | /// </summary>
|
---|
| 44 | public bool RememberMe { get; set; }
|
---|
| 45 |
|
---|
| 46 | /// <summary>
|
---|
| 47 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 48 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 49 | /// </summary>
|
---|
| 50 | public string ReturnUrl { get; set; }
|
---|
| 51 |
|
---|
| 52 | /// <summary>
|
---|
| 53 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 54 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 55 | /// </summary>
|
---|
| 56 | public class InputModel
|
---|
| 57 | {
|
---|
| 58 | /// <summary>
|
---|
| 59 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 60 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 61 | /// </summary>
|
---|
| 62 | [Required]
|
---|
| 63 | [StringLength(7, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
|
---|
| 64 | [DataType(DataType.Text)]
|
---|
| 65 | [Display(Name = "Authenticator code")]
|
---|
| 66 | public string TwoFactorCode { get; set; }
|
---|
| 67 |
|
---|
| 68 | /// <summary>
|
---|
| 69 | /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
|
---|
| 70 | /// directly from your code. This API may change or be removed in future releases.
|
---|
| 71 | /// </summary>
|
---|
| 72 | [Display(Name = "Remember this machine")]
|
---|
| 73 | public bool RememberMachine { get; set; }
|
---|
| 74 | }
|
---|
| 75 |
|
---|
| 76 | public async Task<IActionResult> OnGetAsync(bool rememberMe, string returnUrl = null)
|
---|
| 77 | {
|
---|
| 78 | // Ensure the user has gone through the username & password screen first
|
---|
| 79 | var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
|
---|
| 80 |
|
---|
| 81 | if (user == null)
|
---|
| 82 | {
|
---|
| 83 | throw new InvalidOperationException($"Unable to load two-factor authentication user.");
|
---|
| 84 | }
|
---|
| 85 |
|
---|
| 86 | ReturnUrl = returnUrl;
|
---|
| 87 | RememberMe = rememberMe;
|
---|
| 88 |
|
---|
| 89 | return Page();
|
---|
| 90 | }
|
---|
| 91 |
|
---|
| 92 | public async Task<IActionResult> OnPostAsync(bool rememberMe, string returnUrl = null)
|
---|
| 93 | {
|
---|
| 94 | if (!ModelState.IsValid)
|
---|
| 95 | {
|
---|
| 96 | return Page();
|
---|
| 97 | }
|
---|
| 98 |
|
---|
| 99 | returnUrl = returnUrl ?? Url.Content("~/");
|
---|
| 100 |
|
---|
| 101 | var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
|
---|
| 102 | if (user == null)
|
---|
| 103 | {
|
---|
| 104 | throw new InvalidOperationException($"Unable to load two-factor authentication user.");
|
---|
| 105 | }
|
---|
| 106 |
|
---|
| 107 | var authenticatorCode = Input.TwoFactorCode.Replace(" ", string.Empty).Replace("-", string.Empty);
|
---|
| 108 |
|
---|
| 109 | var result = await _signInManager.TwoFactorAuthenticatorSignInAsync(authenticatorCode, rememberMe, Input.RememberMachine);
|
---|
| 110 |
|
---|
| 111 | var userId = await _userManager.GetUserIdAsync(user);
|
---|
| 112 |
|
---|
| 113 | if (result.Succeeded)
|
---|
| 114 | {
|
---|
| 115 | _logger.LogInformation("User with ID '{UserId}' logged in with 2fa.", user.Id);
|
---|
| 116 | return LocalRedirect(returnUrl);
|
---|
| 117 | }
|
---|
| 118 | else if (result.IsLockedOut)
|
---|
| 119 | {
|
---|
| 120 | _logger.LogWarning("User with ID '{UserId}' account locked out.", user.Id);
|
---|
| 121 | return RedirectToPage("./Lockout");
|
---|
| 122 | }
|
---|
| 123 | else
|
---|
| 124 | {
|
---|
| 125 | _logger.LogWarning("Invalid authenticator code entered for user with ID '{UserId}'.", user.Id);
|
---|
| 126 | ModelState.AddModelError(string.Empty, "Invalid authenticator code.");
|
---|
| 127 | return Page();
|
---|
| 128 | }
|
---|
| 129 | }
|
---|
| 130 | }
|
---|
| 131 | }
|
---|