user/acc updates and fix social oauth

author: vnugent <public@vaughnnugent.com> 2023-11-05 21:22:21 -0500
committer: vnugent <public@vaughnnugent.com> 2023-11-05 21:22:21 -0500
commit: 0316fc948dd77b91b0ccf508826f66a175cb1e83 (patch)
tree: fdcff17a84ceab87b405428f463d499b7960002c /plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs
parent: 218b867ec568f4002d8c18a565fc46e186d1322a (diff)
1 files changed, 13 insertions, 13 deletions
diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs
index d9cfd49..a156ccc 100644
--- a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs
+++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs
@@ -47,10 +47,10 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
     internal sealed class MFAEndpoint : ProtectedWebEndpoint
     {
         public const int TOTP_URL_MAX_CHARS = 1024;
+        private const string CHECK_PASSWORD = "Please check your password";
 
         private readonly IUserManager Users;
         private readonly MFAConfig? MultiFactor;
-        private readonly IPasswordHashingProvider Passwords;
 
         public MFAEndpoint(PluginBase pbase, IConfigScope config)
         {
@@ -59,7 +59,6 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
 
             Users = pbase.GetOrCreateSingleton<UserManager>();
             MultiFactor = pbase.GetConfigElement<MFAConfig>();
-            Passwords = pbase.GetOrCreateSingleton<ManagedPasswordHashing>();
         }
 
         protected override async ValueTask<VfReturnType> GetAsync(HttpEntity entity)
@@ -124,7 +123,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
             }
 
             //Get the user entry
-            using IUser? user = await Users.GetUserAndPassFromIDAsync(entity.Session.UserID);
+            using IUser? user = await Users.GetUserFromIDAsync(entity.Session.UserID);
 
             if (webm.Assert(user != null, "Please log-out and try again."))
             {
@@ -134,16 +133,16 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
             //get the user's password challenge
             using (PrivateString? password = (PrivateString?)mfaRequest.RootElement.GetPropString("password"))
             {
-                if (PrivateString.IsNullOrEmpty(password))
+                if (webm.Assert(!PrivateString.IsNullOrEmpty(password), CHECK_PASSWORD))
                 {
-                    webm.Result = "Please check your password";
                     return VirtualClose(entity, webm, HttpStatusCode.Unauthorized);
                 }
 
                 //Verify password against the user
-                if (!user.VerifyPassword(password, Passwords))
+                ERRNO result = await Users.ValidatePasswordAsync(user, password, PassValidateFlags.None, entity.EventCancellation);
+
+                if (webm.Assert(result > 0, CHECK_PASSWORD))
                 {
-                    webm.Result = "Please check your password";
                     return VirtualClose(entity, webm, HttpStatusCode.Unauthorized);
                 }
             }
@@ -192,7 +191,7 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                 string? mfaType = request.RootElement.GetProperty("type").GetString();
 
                 //get the user
-                using IUser? user = await Users.GetUserAndPassFromIDAsync(entity.Session.UserID);
+                using IUser? user = await Users.GetUserFromIDAsync(entity.Session.UserID);
                 if (user == null)
                 {
                     return VfReturnType.NotFound;
@@ -204,16 +203,16 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                  */
                 using (PrivateString? password = (PrivateString?)request.RootElement.GetPropString("password"))
                 {
-                    if (PrivateString.IsNullOrEmpty(password))
+                    if (webm.Assert(!PrivateString.IsNullOrEmpty(password), CHECK_PASSWORD))
                     {
-                        webm.Result = "Please check your password";
                         return VirtualClose(entity, webm, HttpStatusCode.Unauthorized);
                     }
 
                     //Verify password against the user
-                    if (!user.VerifyPassword(password, Passwords))
+                    ERRNO result = await Users.ValidatePasswordAsync(user, password, PassValidateFlags.None, entity.EventCancellation);
+                   
+                    if (webm.Assert(result > 0, CHECK_PASSWORD))
                     {
-                        webm.Result = "Please check your password";
                         return VirtualClose(entity, webm, HttpStatusCode.Unauthorized);
                     }
                 }
@@ -221,8 +220,9 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints
                 //Check for totp disable
                 if ("totp".Equals(mfaType, StringComparison.OrdinalIgnoreCase))
                 {
-                    //Clear the TOTP secret
+                    //Clear the TOTP secret to disable it
                     user.MFASetTOTPSecret(null);
+
                     //write changes
                     await user.ReleaseAsync();
                     webm.Result = "Successfully disabled your TOTP authentication";
author	vnugent <public@vaughnnugent.com>	2023-11-05 21:22:21 -0500
committer	vnugent <public@vaughnnugent.com>	2023-11-05 21:22:21 -0500
commit	0316fc948dd77b91b0ccf508826f66a175cb1e83 (patch)
tree	fdcff17a84ceab87b405428f463d499b7960002c /plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/MFAEndpoint.cs
parent	218b867ec568f4002d8c18a565fc46e186d1322a (diff)