From c41d5c4a76b4b28ef19636f497c5a10952c9bb5c Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Wed, 11 Dec 2024 18:32:35 +0100
Subject: [PATCH] =?UTF-8?q?feat(HomeController):=20Funktion=20zur=20=C3=9C?= =?UTF-8?q?berpr=C3=BCfung=20des=20Authenticator-Codes=20hinzugef=C3=BCgt.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 EnvelopeGenerator.Extensions/StringExtension.cs | 2 +-
 EnvelopeGenerator.Web/Controllers/HomeController.cs | 10 +++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/EnvelopeGenerator.Extensions/StringExtension.cs b/EnvelopeGenerator.Extensions/StringExtension.cs
index 0e6e7669..b08a0f66 100644
--- a/EnvelopeGenerator.Extensions/StringExtension.cs
+++ b/EnvelopeGenerator.Extensions/StringExtension.cs
@@ -4,7 +4,7 @@ namespace EnvelopeGenerator.Extensions
 {
 public static class StringExtension
 {
- public static bool IsValidTotp(string totp, string secret)
+ public static bool IsValidTotp(this string totp, string secret)
 {
 var secret_bytes = Base32Encoding.ToBytes(secret);
 var secret_totp = new Totp(secret_bytes);
diff --git a/EnvelopeGenerator.Web/Controllers/HomeController.cs b/EnvelopeGenerator.Web/Controllers/HomeController.cs
index 4795c7eb..1dacd4e0 100644
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -19,7 +19,6 @@ using Ganss.Xss;
 using Newtonsoft.Json;
 using EnvelopeGenerator.Application.DTOs;
 using DigitalData.Core.Client;
-using System.Text.Json;
 using EnvelopeGenerator.Application.Extensions;
 namespace EnvelopeGenerator.Web.Controllers
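Review bot: In StringExtension.cs, `IsValidTotp(this string totp, string secret)` now appears on every `string` and takes two strings, so a call with receiver and argument swapped (`secret.IsValidTotp(code)`) compiles without warning, and nothing in the hunk documents which is which. I would add `/// <summary>Checks the user-entered TOTP code against the receiver's Base32-encoded shared secret.</summary>` plus `<param>` entries naming `totp` as the entered code and `secret` as the Base32 secret. `Base32Encoding.ToBytes(secret)` runs with no guard visible here, so a null or malformed secret presumably throws instead of returning false; the doc comment should state that, or the method should handle it. The method body continues outside the hunk.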
@@ -257,6 +256,15 @@ namespace EnvelopeGenerator.Web.Controllers
 return await TFAView(viaSms: true);
 }
 }
+ else if (auth.HasAuthenticatorCode)
+ {
+ if (!auth.AuthenticatorCode!.IsValidTotp(er_secret.Receiver!.TotpSecretkey!))
+ {
+ Response.StatusCode = StatusCodes.Status401Unauthorized;
+ ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
+ return await TFAView(viaSms: false);
+ }
+ }
 else
 {
 Response.StatusCode = StatusCodes.Status401Unauthorized;
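Review bot: The new branch passes `er_secret.Receiver!.TotpSecretkey!` straight into `IsValidTotp`, so a receiver with no enrolled authenticator secret would reach the Base32 decode with null and most likely surface as an unhandled exception rather than the 401 path. Read the secret once and treat a missing one as a failed check: `var totpSecret = er_secret.Receiver?.TotpSecretkey;` followed by `if (string.IsNullOrEmpty(totpSecret) || !auth.AuthenticatorCode!.IsValidTotp(totpSecret))`. Nothing in the hunk counts or throttles wrong codes, and nothing records an accepted code to block its reuse within the same time step; if the surrounding action or `IsValidTotp` does not already do this, a per-receiver failed-attempt limit belongs on this branch, since a short numeric code is guessable without one. The enclosing method starts and ends outside the hunk.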