mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2024-11-19 18:11:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
c878f63f99
btcpayserver/BTCPayServer/Fido2/Fido2Controller.cs

105 lines
3.5 KiB
C#
Raw Normal View History

FIDO2/WebAuthN Support (#2356) * FIDO2/WebAuthN Support This adds initial support for WebAuthN/FIDO2 as another MFA mode. U2F is still intact and runs alongside it for now. Once this is merged, I will start work on migrating U2F support to happen over the FIDO2 protocol instead. * Refactor and future proof system (prep work of seamless u2f migration) * attempt js fix for mobile devices * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * fix fido name saving * do not spam logs and hide loader when failed * PR Changes * Apply suggestions from code review Co-authored-by: d11n <mail@dennisreimann.de> * attempt fido2 bump * add name if not named for credentials Co-authored-by: d11n <mail@dennisreimann.de>
2021-04-20 07:06:32 +02:00
using System.Threading.Tasks;
using BTCPayServer.Abstractions.Extensions;
using BTCPayServer.Abstractions.Models;
using BTCPayServer.Data;
using BTCPayServer.Fido2;
using BTCPayServer.Models;
using Fido2NetLib;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json.Linq;
namespace BTCPayServer.U2F.Models
{
[Route("fido2")]
[Authorize]
public class Fido2Controller : Controller
{
private readonly UserManager<ApplicationUser> _userManager;
private readonly Fido2Service _fido2Service;
public Fido2Controller(UserManager<ApplicationUser> userManager, Fido2Service fido2Service)
{
_userManager = userManager;
_fido2Service = fido2Service;
}
[HttpGet("")]
public async Task<IActionResult> List()
{
return View(new Fido2AuthenticationViewModel()
{
Credentials = await _fido2Service.GetCredentials( _userManager.GetUserId(User))
});
}
[HttpGet("{id}/delete")]
public IActionResult Remove(string id)
{
return View("Confirm", new ConfirmModel("Are you sure you want to remove FIDO2 credential?", "Your account will no longer have this credential as an option for MFA.", "Remove"));
}
[HttpPost("{id}/delete")]
public async Task<IActionResult> RemoveP(string id)
{
await _fido2Service.Remove(id, _userManager.GetUserId(User));
TempData.SetStatusMessageModel(new StatusMessageModel
{
Severity = StatusMessageModel.StatusSeverity.Success,
Html = $"FIDO2 Credentials were removed successfully."
});
return RedirectToAction(nameof(List));
}
[HttpGet("register")]
public async Task<IActionResult> Create(AddFido2CredentialViewModel viewModel)
{
var options = await _fido2Service.RequestCreation(_userManager.GetUserId(User));
if (options is null)
{
TempData.SetStatusMessageModel(new StatusMessageModel
{
Severity = StatusMessageModel.StatusSeverity.Error,
Html = $"FIDO2 Credentials could not be saved."
});
return RedirectToAction(nameof(List));
}
ViewData["CredentialName"] = viewModel.Name ?? "";
return View(options);
}
[HttpPost("register")]
public async Task<IActionResult> CreateResponse([FromForm] string data, [FromForm] string name)
{
var attestationResponse = JObject.Parse(data).ToObject<AuthenticatorAttestationRawResponse>();
if (await _fido2Service.CompleteCreation(_userManager.GetUserId(User), name, attestationResponse))
{
TempData.SetStatusMessageModel(new StatusMessageModel
{
Severity = StatusMessageModel.StatusSeverity.Success,
Html = $"FIDO2 Credentials were saved successfully."
});
}
else
{
TempData.SetStatusMessageModel(new StatusMessageModel
{
Severity = StatusMessageModel.StatusSeverity.Error,
Html = $"FIDO2 Credentials could not be saved."
});
}
return RedirectToAction(nameof(List));
}
}
}
Reference in New Issue Copy Permalink