Do not allow login or register over an insecure connection

Kukks
2019-11-14 19:01:26 +01:00
parent 2bfea50014
commit f1cef81d76
3 changed files with 139 additions and 60 deletions


@@ -74,21 +74,29 @@ namespace BTCPayServer.Controllers
[AllowAnonymous]
public async Task<IActionResult> Login(string returnUrl = null)
{
if (User.Identity.IsAuthenticated && string.IsNullOrEmpty(returnUrl))
return RedirectToLocal();
// Clear the existing external cookie to ensure a clean login process
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
CanLoginOrRegister();
ViewData["ReturnUrl"] = returnUrl;
return View();
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
[RateLimitsFilter(ZoneLimits.Login, Scope = RateLimitsScope.RemoteAddress)]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return View(model);
}
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
@@ -199,6 +207,11 @@ namespace BTCPayServer.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> LoginWithU2F(LoginWithU2FViewModel viewModel, string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Login");
}
ViewData["ReturnUrl"] = returnUrl;
var user = await _userManager.FindByIdAsync(viewModel.UserId);
@@ -242,6 +255,11 @@ namespace BTCPayServer.Controllers
[AllowAnonymous]
public async Task<IActionResult> LoginWith2fa(bool rememberMe, string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Login");
}
// Ensure the user has gone through the username & password screen first
var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
@@ -264,6 +282,11 @@ namespace BTCPayServer.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> LoginWith2fa(LoginWith2faViewModel model, bool rememberMe, string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Login");
}
if (!ModelState.IsValid)
{
return View(model);
@@ -305,6 +328,11 @@ namespace BTCPayServer.Controllers
[AllowAnonymous]
public async Task<IActionResult> LoginWithRecoveryCode(string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Login");
}
// Ensure the user has gone through the username & password screen first
var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
if (user == null)
@@ -322,6 +350,11 @@ namespace BTCPayServer.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> LoginWithRecoveryCode(LoginWithRecoveryCodeViewModel model, string returnUrl = null)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Login");
}
if (!ModelState.IsValid)
{
return View(model);
@@ -366,7 +399,8 @@ namespace BTCPayServer.Controllers
[AllowAnonymous]
public async Task<IActionResult> Register(string returnUrl = null, bool logon = true, bool useBasicLayout = false)
{
var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
CanLoginOrRegister();
var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
if (policies.LockSubscription && !User.IsInRole(Roles.ServerAdmin))
return RedirectToAction(nameof(HomeController.Index), "Home");
ViewData["ReturnUrl"] = returnUrl;
@@ -381,6 +415,11 @@ namespace BTCPayServer.Controllers
[ValidateAntiForgeryToken]
public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null, bool logon = true)
{
if (!CanLoginOrRegister())
{
return RedirectToAction("Register");
}
ViewData["ReturnUrl"] = returnUrl;
ViewData["Logon"] = logon.ToString(CultureInfo.InvariantCulture).ToLowerInvariant();
ViewData["AllowIsAdmin"] = _Options.AllowAdminRegistration;
@@ -580,6 +619,21 @@ namespace BTCPayServer.Controllers
return RedirectToAction(nameof(HomeController.Index), "Home");
}
}
private bool CanLoginOrRegister()
{
if (_btcPayServerEnvironment.IsDevelopping || _btcPayServerEnvironment.IsSecure) return true;
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Severity = StatusMessageModel.StatusSeverity.Error,
Message = "You cannot login over an insecure connection. Please use HTTPS or Tor."
});
ViewData["disabled"] = true;
return false;
}
#endregion
}
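Review bot: The `if (!CanLoginOrRegister())` guard at the top of the POST handlers (Login, LoginWithU2F, both LoginWith2fa, both LoginWithRecoveryCode, Register) only runs after the password, U2F response, 2FA or recovery code has already been received over the insecure connection, so it stops processing but cannot prevent the disclosure; the effective protection is the GET side rendering the form disabled through `ViewData["disabled"]`, which is set in `CanLoginOrRegister` but honoured by views outside this section and should be confirmed there. In the GET `Login` and GET `Register` actions the bool returned by `CanLoginOrRegister()` is discarded with no explanation, which reads like a forgotten check; I would add `// Return value intentionally ignored: the view is still rendered, with the form disabled and the status message shown.` above each of those two calls. The status message speaks only of login although the helper also gates Register, so `"You cannot login or register over an insecure connection. Please use HTTPS or Tor."` would match the method's name (a runtime string change, so only if nothing depends on the exact text). The redirects use the magic string `"Login"` (and `"Register"`); `RedirectToAction(nameof(Login))` is refactor-safe and consistent with the file's existing `nameof(HomeController.Index)` usage.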