feat(HomeController): TFAView wurde als separate Methode geschrieben, um Verwirrung zu vermeiden
This commit is contained in:
Developer 02
parent
6abc17c3bf
commit
0718f24339
@ -25,6 +25,8 @@ using System.Globalization;
|
||||
using EnvelopeGenerator.Application.Configurations.GtxMessaging;
|
||||
using EnvelopeGenerator.Application.DTOs.Messaging;
|
||||
using OtpNet;
|
||||
using EnvelopeGenerator.Domain.Entities;
|
||||
using System.ComponentModel.DataAnnotations.Schema;
|
||||
|
||||
namespace EnvelopeGenerator.Web.Controllers
|
||||
{
|
||||
@ -171,6 +173,36 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
[NonAction]
|
||||
private async Task<IActionResult> TFAView(bool viaSms, EnvelopeReceiverSecretDto er_secret, string envelopeReceiverId)
|
||||
{
|
||||
if (viaSms)
|
||||
{
|
||||
//add date time cache
|
||||
var key = string.Format(SmsCodeExpirationCacheKeyFormat, er_secret.EnvelopeId, er_secret.ReceiverId);
|
||||
var expiration = await _dCache.GetDateTimeAsync(key);
|
||||
if (expiration is null || expiration <= DateTime.Now)
|
||||
{
|
||||
var new_expiration = DateTime.Now.AddMinutes(SmsTotpStep);
|
||||
var totp = _codeGenerator.GenerateTotp(er_secret.Receiver!.TotpSecretkey!, SmsTotpStep);
|
||||
var msg = string.Format(SmsFormat, totp, new_expiration.ToString(SmsCodeExpiration.DateTimeFormat, SmsCodeExpiration.CultureInfo));
|
||||
var smsRes = await _msgService.SendSmsAsync(er_secret.PhoneNumber!, msg);
|
||||
if (smsRes.Failed)
|
||||
{
|
||||
var res_json = JsonConvert.SerializeObject(smsRes);
|
||||
_logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, message: $"An unexpected error occurred while sending an SMS code. Response: ${res_json}");
|
||||
return this.ViewInnerServiceError();
|
||||
}
|
||||
}
|
||||
|
||||
return View("EnvelopeLocked").WithData("CodeType", "smsCode").WithData("SmsExpiration", expiration);
|
||||
}
|
||||
else
|
||||
{
|
||||
return View("EnvelopeLocked").WithData("CodeType", "authenticatorCode").WithData("QRCodeExpiration", er_secret.Receiver?.TotpExpiration);
|
||||
}
|
||||
}
|
||||
|
||||
[HttpPost("EnvelopeKey/{envelopeReceiverId}/Locked")]
|
||||
public async Task<IActionResult> LogInEnvelope([FromRoute] string envelopeReceiverId, [FromForm] Auth auth)
|
||||
{
|
||||
@ -201,35 +233,6 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
}
|
||||
var er_secret = er_secret_res.Data;
|
||||
|
||||
async Task<IActionResult> TFAView(bool viaSms)
|
||||
{
|
||||
if (viaSms)
|
||||
{
|
||||
//add date time cache
|
||||
var key = string.Format(SmsCodeExpirationCacheKeyFormat, er_secret.EnvelopeId, er_secret.ReceiverId);
|
||||
var expiration = await _dCache.GetDateTimeAsync(key);
|
||||
if(expiration is null || expiration <= DateTime.Now)
|
||||
{
|
||||
var new_expiration = DateTime.Now.AddMinutes(SmsTotpStep);
|
||||
var totp = _codeGenerator.GenerateTotp(er_secret.Receiver!.TotpSecretkey!, SmsTotpStep);
|
||||
var msg = string.Format(SmsFormat, totp, new_expiration.ToString(SmsCodeExpiration.DateTimeFormat, SmsCodeExpiration.CultureInfo));
|
||||
var smsRes = await _msgService.SendSmsAsync(er_secret.PhoneNumber!, msg);
|
||||
if (smsRes.Failed)
|
||||
{
|
||||
var res_json = JsonConvert.SerializeObject(smsRes);
|
||||
_logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, message: $"An unexpected error occurred while sending an SMS code. Response: ${res_json}");
|
||||
return this.ViewInnerServiceError();
|
||||
}
|
||||
}
|
||||
|
||||
return View("EnvelopeLocked").WithData("CodeType", "smsCode").WithData("SmsExpiration", expiration);
|
||||
}
|
||||
else
|
||||
{
|
||||
return View("EnvelopeLocked").WithData("CodeType", "authenticatorCode").WithData("QRCodeExpiration", er_secret.Receiver?.TotpExpiration);
|
||||
}
|
||||
}
|
||||
|
||||
if (auth.HasMulti)
|
||||
{
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
@ -261,7 +264,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
await _rcvService.UpdateAsync(rcv);
|
||||
await _mailService.SendTFAQrCodeAsync(er_secret);
|
||||
}
|
||||
return await TFAView(auth.UserSelectSMS);
|
||||
return await TFAView(auth.UserSelectSMS, er_secret, envelopeReceiverId);
|
||||
}
|
||||
|
||||
}
|
||||
@ -274,7 +277,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
{
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
|
||||
return await TFAView(viaSms: true);
|
||||
return await TFAView(viaSms: true, er_secret, envelopeReceiverId);
|
||||
}
|
||||
}
|
||||
else if (auth.HasAuthenticatorCode)
|
||||
@ -283,7 +286,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
{
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
|
||||
return await TFAView(viaSms: false);
|
||||
return await TFAView(viaSms: false, er_secret, envelopeReceiverId);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user