| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 |
- // Licensed to the .NET Foundation under one or more agreements.
- // The .NET Foundation licenses this file to you under the MIT license.
- #nullable disable
- using System;
- using System.ComponentModel.DataAnnotations;
- using System.Threading.Tasks;
- using bitforum.Models.User;
- using Microsoft.AspNetCore.Authorization;
- using Microsoft.AspNetCore.Identity;
- using Microsoft.AspNetCore.Mvc;
- using Microsoft.AspNetCore.Mvc.RazorPages;
- using Microsoft.Extensions.Logging;
- namespace bitforum.Areas.Identity.Pages.Account
- {
- public class LoginWithRecoveryCodeModel : PageModel
- {
- private readonly SignInManager<ApplicationUser> _signInManager;
- private readonly UserManager<ApplicationUser> _userManager;
- private readonly ILogger<LoginWithRecoveryCodeModel> _logger;
- public LoginWithRecoveryCodeModel(
- SignInManager<ApplicationUser> signInManager,
- UserManager<ApplicationUser> userManager,
- ILogger<LoginWithRecoveryCodeModel> logger)
- {
- _signInManager = signInManager;
- _userManager = userManager;
- _logger = logger;
- }
- /// <summary>
- /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
- /// directly from your code. This API may change or be removed in future releases.
- /// </summary>
- [BindProperty]
- public InputModel Input { get; set; }
- /// <summary>
- /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
- /// directly from your code. This API may change or be removed in future releases.
- /// </summary>
- public string ReturnUrl { get; set; }
- /// <summary>
- /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
- /// directly from your code. This API may change or be removed in future releases.
- /// </summary>
- public class InputModel
- {
- /// <summary>
- /// This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
- /// directly from your code. This API may change or be removed in future releases.
- /// </summary>
- [BindProperty]
- [Required]
- [DataType(DataType.Text)]
- [Display(Name = "Recovery Code")]
- public string RecoveryCode { get; set; }
- }
- public async Task<IActionResult> OnGetAsync(string returnUrl = null)
- {
- // Ensure the user has gone through the username & password screen first
- var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
- if (user == null)
- {
- throw new InvalidOperationException($"Unable to load two-factor authentication user.");
- }
- ReturnUrl = returnUrl;
- return Page();
- }
- public async Task<IActionResult> OnPostAsync(string returnUrl = null)
- {
- if (!ModelState.IsValid)
- {
- return Page();
- }
- var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
- if (user == null)
- {
- throw new InvalidOperationException($"Unable to load two-factor authentication user.");
- }
- var recoveryCode = Input.RecoveryCode.Replace(" ", string.Empty);
- var result = await _signInManager.TwoFactorRecoveryCodeSignInAsync(recoveryCode);
- var userId = await _userManager.GetUserIdAsync(user);
- if (result.Succeeded)
- {
- _logger.LogInformation("User with ID '{UserId}' logged in with a recovery code.", user.Id);
- return LocalRedirect(returnUrl ?? Url.Content("~/"));
- }
- if (result.IsLockedOut)
- {
- _logger.LogWarning("User account locked out.");
- return RedirectToPage("./Lockout");
- }
- else
- {
- _logger.LogWarning("Invalid recovery code entered for user with ID '{UserId}' ", user.Id);
- ModelState.AddModelError(string.Empty, "Invalid recovery code entered.");
- return Page();
- }
- }
- }
- }
|
