dmolinari/MotoresArgentinosV2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: Seguridad avanzada para cambio de email y gestión de MFA

Browse Source 
- Backend: Implementada lógica de tokens para cambio de mail y desactivación de 2FA.
- Frontend: Nuevos flujos de verificación en Perfil y Panel de Seguridad.
This commit is contained in:
dmolinari
2026-02-12 15:24:32 -03:00
parent 8c8c49894a
commit e096ed1590
10 changed files with 891 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Backend/MotoresArgentinosV2.Core/DTOs/SecurityDtos.cs Normal file
View File

@@ -0,0 +1,17 @@
namespace MotoresArgentinosV2.Core.DTOs;
public class InitiateEmailChangeRequest
{
public string NewEmail { get; set; } = string.Empty;
public string MfaCode { get; set; } = string.Empty; // Código de Google Authenticator
}
public class ConfirmEmailChangeRequest
{
public string Token { get; set; } = string.Empty;
}
public class ConfirmSecurityActionRequest
{
public string Token { get; set; } = string.Empty; // Código numérico enviado por mail
}

9
Backend/MotoresArgentinosV2.Core/Entities/AppEntities.cs
View File

@@ -61,6 +61,15 @@ public class User
public DateTime? PasswordResetTokenExpiresAt { get; set; }
public DateTime? LastPasswordResetEmailSentAt { get; set; }
// Para cambio de email
public string? NewEmailCandidate { get; set; }
public string? EmailChangeToken { get; set; }
public DateTime? EmailChangeTokenExpiresAt { get; set; }
// Para reset/desactivación de MFA
public string? SecurityActionToken { get; set; }
public DateTime? SecurityActionTokenExpiresAt { get; set; }
// Bloqueo de usuario
public bool IsBlocked { get; set; }
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;

8
Backend/MotoresArgentinosV2.Core/Interfaces/IIdentityService.cs
View File

@@ -16,5 +16,13 @@ public interface IIdentityService
Task<(bool Success, string Message)> ForgotPasswordAsync(string email);
Task<(bool Success, string Message)> ResetPasswordAsync(string token, string newPassword);
Task<(bool Success, string Message)> ChangePasswordAsync(int userId, string current, string newPwd);
// Cambio de Email Seguro
Task<(bool Success, string Message)> InitiateEmailChangeAsync(int userId, string newEmail, string mfaCode);
Task<(bool Success, string Message)> ConfirmEmailChangeAsync(string token);
// Gestión MFA Segura
Task<(bool Success, string Message)> InitiateMFADisableAsync(int userId);
Task<(bool Success, string Message)> ConfirmMFADisableAsync(int userId, string token);
Task<(bool Success, string Message)> InitiateMFAReconfigureAsync(int userId);
Task<User> CreateGhostUserAsync(string email, string firstName, string lastName, string phone);
}