Winsomnia/MireaBackend
1
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

sec: add failed attempts for 2FA

Browse Source
This commit is contained in:
Polianin Nikita 2024-12-25 05:49:13 +03:00
parent c66f3355ec
commit dfac9ddca8
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Security/Services/AuthService.cs
View File

@ -156,8 +156,13 @@ public class AuthService(ICacheService cache, IAccessToken accessTokenService, I
var totp = new TotpService(firstTokenAuth.Secret); var totp = new TotpService(firstTokenAuth.Secret);
if (!totp.VerifyToken(code)) if (!totp.VerifyToken(code))
{
await RecordFailedLoginAttempt(requestContext.Fingerprint, firstTokenAuth.UserId, cancellation);
throw new SecurityException("Invalid verification code. Please try again."); throw new SecurityException("Invalid verification code. Please try again.");
} }
await ResetFailedLoginAttempts(requestContext.Fingerprint, cancellation);
}
break; break;
default: default:
throw new InvalidOperationException("Unsupported authorization method."); throw new InvalidOperationException("Unsupported authorization method.");