feat(DTOExtension): Erweiterungsmethode hinzugefügt, um totp direkt über Receiver zu prüfen

2024-12-11 18:42:23 +01:00
parent c41d5c4a76
commit 241991721d
2 changed files with 7 additions and 1 deletions
--- a/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
+++ b/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
@@ -1,4 +1,6 @@
 using EnvelopeGenerator.Application.DTOs.Receiver;
+using EnvelopeGenerator.Extensions;
+using Newtonsoft.Json;

 namespace EnvelopeGenerator.Application.Extensions
 {
@@ -12,5 +14,9 @@ namespace EnvelopeGenerator.Application.Extensions

        public static bool IsTotpSecretValid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
            => !dto.IsTotpSecretInvalid(minutesBeforeExpiration);
+
+        public static bool IsTotpValid(this ReceiverReadDto dto, string totp) => dto.TotpSecretkey is null ? throw new ArgumentNullException(nameof(dto), $"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(dto)}") : totp.IsValidTotp(dto.TotpSecretkey);
+
+        public static bool IsTotpInvalid(this ReceiverReadDto dto, string totp) => !dto.IsTotpValid(totp: totp);
    }
 }
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -258,7 +258,7 @@ namespace EnvelopeGenerator.Web.Controllers
                            }
                            else if (auth.HasAuthenticatorCode)
                            {
-                                if (!auth.AuthenticatorCode!.IsValidTotp(er_secret.Receiver!.TotpSecretkey!))
+                                if (er_secret.Receiver!.IsTotpInvalid(totp: auth.AuthenticatorCode!))
                                {
                                    Response.StatusCode = StatusCodes.Status401Unauthorized;
                                    ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;