AppStd/EnvelopeGenerator
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat(HomeController): Funktion zur Überprüfung des Authenticator-Codes hinzugefügt.

Browse Source
This commit is contained in:
Developer 02 2024-12-11 18:32:35 +01:00
parent 27db664b4d
commit c41d5c4a76
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
EnvelopeGenerator.Extensions/StringExtension.cs
View File

@ -4,7 +4,7 @@ namespace EnvelopeGenerator.Extensions
{ {
public static class StringExtension public static class StringExtension
{ {
public static bool IsValidTotp(string totp, string secret) public static bool IsValidTotp(this string totp, string secret)
{ {
var secret_bytes = Base32Encoding.ToBytes(secret); var secret_bytes = Base32Encoding.ToBytes(secret);
var secret_totp = new Totp(secret_bytes); var secret_totp = new Totp(secret_bytes);

10
EnvelopeGenerator.Web/Controllers/HomeController.cs
View File

@ -19,7 +19,6 @@ using Ganss.Xss;
using Newtonsoft.Json; using Newtonsoft.Json;
using EnvelopeGenerator.Application.DTOs; using EnvelopeGenerator.Application.DTOs;
using DigitalData.Core.Client; using DigitalData.Core.Client;
using System.Text.Json;
using EnvelopeGenerator.Application.Extensions; using EnvelopeGenerator.Application.Extensions;
namespace EnvelopeGenerator.Web.Controllers namespace EnvelopeGenerator.Web.Controllers
@ -257,6 +256,15 @@ namespace EnvelopeGenerator.Web.Controllers
return await TFAView(viaSms: true); return await TFAView(viaSms: true);
} }
} }
else if (auth.HasAuthenticatorCode)
{
if (!auth.AuthenticatorCode!.IsValidTotp(er_secret.Receiver!.TotpSecretkey!))
{
Response.StatusCode = StatusCodes.Status401Unauthorized;
ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
return await TFAView(viaSms: false);
}
}
else else
{ {
Response.StatusCode = StatusCodes.Status401Unauthorized; Response.StatusCode = StatusCodes.Status401Unauthorized;