feat(Reg.cshtml): Zeitüberschreitung hinzugefügt.

- TFARegController.Reg aktualisiert, um die Seite _Expired view zu senden, wenn receiver.TfaRegDeadline abläuft.
 - TFARegParams Klasse für TimeLimit Configuration erstellt und mit appsettings konfiguriert.

EnvelopeGenerator.Web/Controllers/HomeController.cs

@@ -243,6 +243,7 @@ public class HomeController : ViewControllerBase
         try
         {
             ViewData["UserCulture"] = _cultures[UserLanguage];
+            ViewData["EnvelopeKey"] = envelopeReceiverId;
 
             envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
             (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
@@ -292,7 +293,6 @@ public class HomeController : ViewControllerBase
             //continue the process without important data to minimize security errors.
             EnvelopeReceiverDto er = er_secret;
 
-            ViewData["EnvelopeKey"] = envelopeReceiverId;
             //check rejection
             var rejRcvrs = await _historyService.ReadRejectingReceivers(er.Envelope!.Id);
             if(rejRcvrs.Any())

EnvelopeGenerator.Web/Controllers/TFARegController.cs

@@ -7,6 +7,7 @@ using Microsoft.Extensions.Localization;
 using EnvelopeGenerator.Application.Resources;
 using DigitalData.Core.DTO;
 using EnvelopeGenerator.Application.Extensions;
+using Microsoft.Extensions.Options;
 
 namespace EnvelopeGenerator.Web.Controllers;
 
@@ -17,12 +18,14 @@ public class TFARegController : ViewControllerBase
     private readonly IEnvelopeReceiverService _envRcvService;
     private readonly IAuthenticator _authenticator;
     private readonly IReceiverService _rcvService;
+    private readonly TFARegParams _params;
 
-    public TFARegController(ILogger<TFARegController> logger, HtmlSanitizer sanitizer, Cultures cultures, IStringLocalizer<Resource> localizer, IEnvelopeReceiverService erService, IAuthenticator authenticator, IReceiverService receiverService) : base(logger, sanitizer, cultures, localizer)
+    public TFARegController(ILogger<TFARegController> logger, HtmlSanitizer sanitizer, Cultures cultures, IStringLocalizer<Resource> localizer, IEnvelopeReceiverService erService, IAuthenticator authenticator, IReceiverService receiverService, IOptions<TFARegParams> tfaRegParamsOptions) : base(logger, sanitizer, cultures, localizer)
     {
         _envRcvService = erService;
         _authenticator = authenticator;
         _rcvService = receiverService;
+        _params = tfaRegParamsOptions.Value;
     }
 
     [HttpGet("{envelopeReceiverId}")]
@@ -56,6 +59,18 @@ public class TFARegController : ViewControllerBase
         rcv.TotpExpiration = DateTime.Now.AddMonths(1);
         await _rcvService.UpdateAsync(rcv);
         var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
+
+        // Calculate RFA registiration deadline
+        if(rcv.TfaRegDeadline is null)
+        {
+            rcv.TfaRegDeadline = _params.Deadline;
+            await _rcvService.UpdateAsync(rcv);
+        }
+        else if(rcv.TfaRegDeadline <= DateTime.Now)
+            return View("_Expired");
+
+        ViewData["RegDeadline"] = rcv.TfaRegDeadline;
+
         ViewData["TotpQR64"] = totp_qr_64;
 
         return View();

EnvelopeGenerator.Web/Models/TFARegParams.cs

@@ -0,0 +1,17 @@
+namespace EnvelopeGenerator.Web.Models;
+
+/// <summary>
+/// Represents the parameters for two-factor authentication (2FA) registration.
+/// </summary>
+public class TFARegParams
+{
+    /// <summary>
+    /// The maximum allowed time for completing the registration process.
+    /// </summary>
+    public TimeSpan TimeLimit { get; init; } = new(0, 30, 0);
+
+    /// <summary>
+    /// The deadline for registration, calculated as the current time plus the <see cref="TimeLimit"/>.
+    /// </summary>
+    public DateTime Deadline => DateTime.Now.AddTicks(TimeLimit.Ticks);
+}

EnvelopeGenerator.Web/Program.cs

@@ -49,6 +49,8 @@ try
     // Add higher order services
     builder.Services.AddScoped<EnvelopeOldService>();
 
+    builder.ConfigureBySection<TFARegParams>();
+
     // Add controllers and razor views
     builder.Services.AddControllersWithViews(options =>
     {

EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml

@@ -42,7 +42,7 @@
             </a>
              um Ihre Authenticator-App einzurichten.
         </p>
-        </section>
+    </section>
     }
     <section class="text-center">
         <p>@_localizer[WebKey.Formats.LockedBody.Format(codeKeyName)].Value.Format(qrCodeExpiration.ToString())</p>

EnvelopeGenerator.Web/Views/Shared/_Expired.cshtml

@@ -0,0 +1,25 @@
+@{
+    ViewData["Title"] = "Abgelaufen";
+    var head = ViewData["Head"] as string ?? "Abgelaufen!";
+    var body = ViewData["Body"] as string ?? "Die Gültigkeitsdauer der Verbindung ist abgelaufen.";
+}
+<div class="page container p-5">
+    <header class="text-center">
+        <div class="icon expired">
+            <svg width="72" height="72" viewBox="0 0 48 48" version="1" xmlns="http://www.w3.org/2000/svg" enable-background="new 0 0 48 48">
+                <circle fill="#00ACC1" cx="17" cy="17" r="14" />
+                <circle fill="#eee" cx="17" cy="17" r="11" />
+                <rect x="16" y="8" width="2" height="9" />
+                <rect x="18.2" y="16" transform="matrix(-.707 .707 -.707 -.707 46.834 19.399)" width="2.4" height="6.8" />
+                <circle cx="17" cy="17" r="2" />
+                <circle fill="#00ACC1" cx="17" cy="17" r="1" />
+                <path fill="#FFC107" d="M11.9,42l14.4-24.1c0.8-1.3,2.7-1.3,3.4,0L44.1,42c0.8,1.3-0.2,3-1.7,3H13.6C12.1,45,11.1,43.3,11.9,42z" />
+                <path fill="#263238" d="M26.4,39.9c0-0.2,0-0.4,0.1-0.6s0.2-0.3,0.3-0.5s0.3-0.2,0.5-0.3s0.4-0.1,0.6-0.1s0.5,0,0.7,0.1 s0.4,0.2,0.5,0.3s0.2,0.3,0.3,0.5s0.1,0.4,0.1,0.6s0,0.4-0.1,0.6s-0.2,0.3-0.3,0.5s-0.3,0.2-0.5,0.3s-0.4,0.1-0.7,0.1 s-0.5,0-0.6-0.1s-0.4-0.2-0.5-0.3s-0.2-0.3-0.3-0.5S26.4,40.1,26.4,39.9z M29.2,36.8h-2.3L26.5,27h3L29.2,36.8z" />
+            </svg>
+        </div>
+        <h1>@head</h1>
+    </header>
+    <section class="text-center">
+        <p>@body</p>
+    </section>
+</div>

EnvelopeGenerator.Web/Views/TFAReg/Reg.cshtml

@@ -1,6 +1,8 @@
-@{
+@using System.Globalization
+@{
     ViewData["Title"] = "2FA Registrierung";
     var totpQR64 = ViewData["TotpQR64"] as string;
+    var regDeadline = ViewData["RegDeadline"] is DateTime _dateTime ? _dateTime : throw new InvalidOperationException("RegDeadline is not added to view in Reg.cshtml view.");
 }
 <div class="page container p-5">
     <header class="text-center">
@@ -13,6 +15,9 @@
         <h2 class="mb-0">2-Factor Authentication (2FA)</h2>
         <h2>Registrierung</h2>
     </header>
+    <section class="text-center">
+        <p class="p-0 m-0"> @string.Format("Diese Seite ist bis {0} sichtbar.", regDeadline.ToString("d. MMM, HH:mm", new CultureInfo("de-DE")))</p>
+    </section>
     <section class="text-start mt-4">
         <div class="accordion" id="tfaRegStep">
             <div class="accordion-item">

EnvelopeGenerator.Web/appsettings.json

@@ -128,5 +128,8 @@
     "QueryParams": {
       "from": "signFlow"
     }
+  },
+  "TFARegParams": {
+    "TimeLimit": "00:30:00"
   }
 }