AppStd/EnvelopeGenerator
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat(TFARegController): Try-Catch zur Methode reg'e hinzugefügt.

Browse Source 
- Ausnahme ist so eingestellt, dass sie protokolliert wird.
This commit is contained in:
Developer 02
2025-02-06 19:31:50 +01:00
parent 95785e8c8b
commit 9cdb1409c0
4 changed files with 45 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
View File

@@ -1,22 +0,0 @@
using EnvelopeGenerator.Application.DTOs.Receiver;
using EnvelopeGenerator.Extensions;
using Newtonsoft.Json;
namespace EnvelopeGenerator.Application.Extensions
{
public static class DTOExtensions
{
public static bool IsTotpSecretExpired(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
=> dto.TotpExpiration < DateTime.Now.AddMinutes(minutesBeforeExpiration * -1);
public static bool IsTotpSecretInvalid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
=> dto.IsTotpSecretExpired(minutesBeforeExpiration) || dto.TotpSecretkey is null;
public static bool IsTotpSecretValid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
=> !dto.IsTotpSecretInvalid(minutesBeforeExpiration);
public static bool IsTotpValid(this ReceiverReadDto dto, string totp) => dto.TotpSecretkey is null ? throw new ArgumentNullException(nameof(dto), $"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(dto)}") : totp.IsValidTotp(dto.TotpSecretkey);
public static bool IsTotpInvalid(this ReceiverReadDto dto, string totp) => !dto.IsTotpValid(totp: totp);
}
}

5
EnvelopeGenerator.Web/Controllers/HomeController.cs
View File

@@ -197,12 +197,11 @@ public class HomeController : ViewControllerBase
if (er_secret.Envelope!.TFAEnabled)
{
var rcv = er_secret.Receiver;
if (rcv.IsTotpSecretInvalid())
if (rcv.TotpSecretkey is null)
{
rcv.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
rcv.TotpExpiration = DateTime.Now.AddMonths(1);
await _rcvService.UpdateAsync(rcv);
await _mailService.SendTFAQrCodeAsync(er_secret);
}
return await TFAViewAsync(auth.UserSelectSMS, er_secret, envelopeReceiverId);
}
@@ -229,7 +228,7 @@ public class HomeController : ViewControllerBase
[NonAction]
private async Task<IActionResult?> HandleAuthenticatorAsync(Auth auth, EnvelopeReceiverSecretDto er_secret, string envelopeReceiverId)
{
if (er_secret.Receiver!.IsTotpInvalid(totp: auth.AuthenticatorCode!))
if (er_secret.Receiver!.TotpSecretkey is null)
{
Response.StatusCode = StatusCodes.Status401Unauthorized;
ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;

76
EnvelopeGenerator.Web/Controllers/TFARegController.cs
View File

@@ -31,48 +31,56 @@ public class TFARegController : ViewControllerBase
[HttpGet("{envelopeReceiverId}")]
public async Task<IActionResult> Reg(string envelopeReceiverId)
{
envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
(string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
if (uuid is null || signature is null)
try
{
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
return Unauthorized();
}
envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
(string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature);
if (uuid is null || signature is null)
{
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
return Unauthorized();
}
if (er_secret_res.IsFailed)
{
_logger.LogNotice(er_secret_res.Notices);
return this.ViewEnvelopeNotFound();
}
var er_secret = er_secret_res.Data;
var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature);
if (!er_secret.Envelope!.TFAEnabled)
return Unauthorized();
if (er_secret_res.IsFailed)
{
_logger.LogNotice(er_secret_res.Notices);
return this.ViewEnvelopeNotFound();
}
var er_secret = er_secret_res.Data;
var rcv = er_secret.Receiver;
if (!er_secret.Envelope!.TFAEnabled)
return Unauthorized();
// Generate QR code as base 64
rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
rcv.TotpExpiration = DateTime.Now.AddMonths(1);
await _rcvService.UpdateAsync(rcv);
var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
var rcv = er_secret.Receiver;
// Calculate RFA registiration deadline
if(rcv.TfaRegDeadline is null)
{
rcv.TfaRegDeadline = _params.Deadline;
// Generate QR code as base 64
rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
rcv.TotpExpiration = DateTime.Now.AddMonths(1);
await _rcvService.UpdateAsync(rcv);
var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
// Calculate RFA registiration deadline
if (rcv.TfaRegDeadline is null)
{
rcv.TfaRegDeadline = _params.Deadline;
await _rcvService.UpdateAsync(rcv);
}
else if (rcv.TfaRegDeadline <= DateTime.Now)
return View("_Expired");
ViewData["RegDeadline"] = rcv.TfaRegDeadline;
ViewData["TotpQR64"] = totp_qr_64;
return View();
}
catch(Exception ex)
{
_logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, exception: ex, message: _localizer[WebKey.UnexpectedError]);
return this.ViewInnerServiceError();
}
else if(rcv.TfaRegDeadline <= DateTime.Now)
return View("_Expired");
ViewData["RegDeadline"] = rcv.TfaRegDeadline;
ViewData["TotpQR64"] = totp_qr_64;
return View();
}
}

2
EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml
View File

@@ -32,7 +32,7 @@
</div>
<h1>@_localizer[WebKey.Formats.LockedTitle.Format(codeKeyName)]</h1>
</header>
@if (tfaRegDeadline is not null && tfaRegDeadline > DateTime.Now)
@if (viaAuthenticator && (tfaRegDeadline is null || tfaRegDeadline > DateTime.Now))
{
<section class="text-center">
<p class="m-0 p-0">