
@sabbour
Created July 14, 2014 14:35
Augmenting the Login method with calls to the MFA provider
//
// POST: /Account/Login
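/// <summary>
/// Handles the login form post: verifies the password, then requires the MFA
/// provider to confirm the second factor before the user is signed in.
/// </summary>
/// <param name="model">Posted login form (e-mail, password, remember-me flag).</param>
/// <param name="returnUrl">Target handed to RedirectToLocal after a fully successful login.</param>
/// <returns>
/// A redirect when both factors succeed; otherwise the login view with a model error.
/// </returns>
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        // Validation failed, redisplay form
        return View(model);
    }

    var user = await UserManager.FindAsync(model.Email, model.Password);
    if (user == null)
    {
        ModelState.AddModelError("", "Invalid username or password.");
        return View(model);
    }

    // SECURITY: do NOT sign the user in here. The session must only be
    // established after the second factor has been verified; signing in
    // first would leave the user authenticated even when MFA fails.

    // Variables to store MFA results
    string otp = "";
    int callStatus = 0;
    int errorId = 0;

    // Prepare the MFA parameters
    PfAuthParams pfAuthParams = new PfAuthParams();
    pfAuthParams.CountryCode = user.CountryCode;
    pfAuthParams.Phone = user.Phone;
    pfAuthParams.Pin = user.PIN.ToString();

    // Load the certificate.
    // NOTE(review): this file sits under the application root; confirm the
    // ~/pf/certs folder cannot be served to clients and is readable only by
    // the application identity.
    pfAuthParams.CertFilePath = System.Web.HttpContext.Current.Server.MapPath("~/pf/certs/cert_key.p12");

    // Choose one of the below methods for authentication
    pfAuthParams.Mode = pf_auth.MODE_STANDARD; // a phone call without a pin
    //pfAuthParams.Mode = pf_auth.MODE_PIN; // pin
    //pfAuthParams.Mode = pf_auth.MODE_VOICEPRINT; // voice print
    //pfAuthParams.Mode = pf_auth.MODE_SMS_TWO_WAY_OTP; // sms the user a one-time password that must be sent back
    //pfAuthParams.Mode = pf_auth.MODE_SMS_TWO_WAY_OTP_PLUS_PIN; // sms the user a one-time password that must be sent back + pin

    // If using SMS, set the below according to the SMS mode
    //pfAuthParams.SmsText = "<$otp$>\nReply with this one-time passcode to complete your authentication.";
    //pfAuthParams.SmsText = "<$otp$>\nReply with this one-time passcode and your PIN to complete your authentication.";

    // Call the MFA provider.
    // The return value is the result of the authentication. Two further out
    // arguments are returned: callStatus is the result of the phone call
    // itself, errorId is the result of the connection with the backend.
    // See call_results.txt for the list of call results and descriptions.
    // NOTE(review): this looks like a synchronous call that holds the request
    // until the provider answers - confirm, and consider recording
    // callStatus/errorId for failed attempts so they can be monitored.
    bool mfaResult = pf_auth.pf_authenticate(pfAuthParams, out otp, out callStatus, out errorId);

    if (!mfaResult)
    {
        // NOTE(review): this message differs from the bad-password message,
        // so it confirms that the password was correct. Pair it with account
        // lockout / rate limiting on this endpoint.
        ModelState.AddModelError("", "Multi-factor Authentication failed.");
        return View(model);
    }

    // Both factors verified: only now issue the authentication cookie.
    await SignInAsync(user, model.RememberMe);
    return RedirectToLocal(returnUrl);
}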