admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

More subscription license work allow logins addition

Browse Source
This commit is contained in:
John Cardinal
2022-08-23 21:41:20 +00:00
parent ae3d576d40
commit e06334a175
13 changed files with 74 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/AyaNova/Controllers/AuthController.cs
View File

@@ -87,7 +87,7 @@ namespace AyaNova.Api.Controllers
//Multiple users are allowed the same password and login
//Salt will differentiate them so get all users that match login, then try to match pw
var users = await ct.User.Where(z => z.Login == creds.Login && z.Active == true).ToListAsync();
var users = await ct.User.Where(z => z.Login == creds.Login && z.Active == true && z.AllowLogin == true).ToListAsync();
foreach (User u in users)
{
@@ -168,7 +168,7 @@ namespace AyaNova.Api.Controllers
}
//Match to temp token that would have been set by initial credentialed login for 2fa User
var user = await ct.User.Where(z => z.TempToken == pin.TempToken && z.Active == true && z.TwoFactorEnabled == true).FirstOrDefaultAsync();
var user = await ct.User.Where(z => z.TempToken == pin.TempToken && z.Active == true && z.AllowLogin==true && z.TwoFactorEnabled == true).FirstOrDefaultAsync();
if (user != null)
@@ -393,7 +393,7 @@ namespace AyaNova.Api.Controllers
{
//If the user is inactive they may not login
if (!u.Active)
if (!u.Active || !u.AllowLogin)
{
//respond like bad creds so as not to leak information
await Task.Delay(AyaNova.Util.ServerBootConfig.FAILED_AUTH_DELAY);