2021-03-11 18:06:38 +00:00
parent 73ba204dc3
commit 0ae69f6591
5 changed files with 51 additions and 3 deletions


@@ -1,6 +1,8 @@
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using TwoFactorAuthNet;
using QRCoder;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
@@ -424,6 +426,46 @@ namespace AyaNova.Api.Controllers
}));
}
/// <summary>
/// Generate HOTP secret and return for use in auth app
///
/// </summary>
/// <param name="apiVersion">From route path</param>
/// <returns>New HOTP secret</returns>
[HttpGet("hotp")]
public async Task<IActionResult> GenerateAndSendHOTP(ApiVersion apiVersion)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//get user and save the secret
var UserId = UserIdFromContext.Id(HttpContext.Items);
var u = await ct.User.FirstOrDefaultAsync(z => z.Id == UserId);
if (u == null)//should never happen but ?
return StatusCode(403, new ApiNotAuthorizedResponse());
var tfa = new TwoFactorAuth("AyaNova");
u.HotpSecret = tfa.CreateSecret(160);
await ct.SaveChangesAsync();
QRCodeGenerator qrGenerator = new QRCodeGenerator();
QRCodeData qrCodeData = qrGenerator.CreateQrCode(u.HotpSecret, QRCodeGenerator.ECCLevel.Q);
Base64QRCode qrCode = new Base64QRCode(qrCodeData);
string qrCodeImageAsBase64 = qrCode.GetGraphic(20);
return Ok(ApiOkResponse.Response(new
{
s = u.HotpSecret,
qrCode = qrCodeImageAsBase64
}));
}
//------------------------------------------------------
public class CredentialsParam
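Review bot: `GenerateAndSendHOTP` is routed as `[HttpGet("hotp")]` yet it overwrites `u.HotpSecret` and calls `SaveChangesAsync()`, so a plain GET replaces the caller's second-factor secret and returns the new one in a body that a browser or intermediary may cache or log. I would change the route to `[HttpPost("hotp")]` and mark the response non-cacheable. Nothing in the lines shown checks whether a secret is already in use, so consider requiring the current password or a valid current code before replacing it, and keeping the new secret pending until the user confirms a code generated from it. Separately, the QR code encodes only the raw secret, whereas authenticator apps generally expect an `otpauth://` provisioning URI carrying issuer and account label; the "HOTP" naming should also be checked against what the library actually produces, which I believe is time-based codes. `biz` is assigned but never used in this method.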