public async Task<TwoFactorResponseModel> PutTwoFactor([FromBody]UpdateTwoFactorRequestModel model)
{
var user = _currentContext.User;
if(!await _userManager.CheckPasswordAsync(user, model.MasterPasswordHash))
{
await Task.Delay(2000);
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
}
if(!await _userManager.VerifyTwoFactorTokenAsync(user, "Authenticator", model.Token))
{
await Task.Delay(2000);
throw new BadRequestException("Token", "Invalid token.");
}
user.TwoFactorProvider = TwoFactorProvider.Authenticator;
user.TwoFactorEnabled = model.Enabled.Value;
user.TwoFactorRecoveryCode = user.TwoFactorEnabled ? Guid.NewGuid().ToString("N") : null;
await _userService.SaveUserAsync(user);
var response = new TwoFactorResponseModel(user);
return response;
}