diff --git a/backend/dotnet/core/RestBioAspNetCoreSample/Controllers/SessionsController.cs b/backend/dotnet/core/RestBioAspNetCoreSample/Controllers/SessionsController.cs index 603eb18..a357d95 100644 --- a/backend/dotnet/core/RestBioAspNetCoreSample/Controllers/SessionsController.cs +++ b/backend/dotnet/core/RestBioAspNetCoreSample/Controllers/SessionsController.cs @@ -307,18 +307,77 @@ public async Task Identification2DAsync(BioIdentifica } [HttpPost("identification")] - public async Task StartIdentificationAsync(BioIdentificationRequest request, Guid? subscriptionId = null) { - return await restBioService.StartIdentificationAsync(request, subscriptionId); + public async Task StartIdentificationAsync( ) { + + // This is an example of how to start an identification session. + // You must implement your own security measures to ensure that only users + // you want to have access to this endpoint can call it. + + // The response of the following call contains the session URL that + // will be loaded in the Widget to start the biometric session. + + var response = await restBioService.StartIdentificationSessionAsync(new StartBioIdentificationSessionRequest { + TrustedOrigin = exampleConfig.Value.TrustedOrigin, + // Additional properties for identification session: + FaceCaptureProvider = Lacuna.RestPki.Api.FaceCaptureProviders.FaceTecLiveness3d + }); + + + // Although not mandatory, you may want to save the SessionId in your database + // along with your user/session information, as you can use this ID to retrieve + // the status of the session by later using the GetIdentificationDocumentCaptureSessionStatusAsync() + // method. But at the end of the session, the Widget will return you a ticket + // that you can use to retrieve the session status without needing to store + // the SessionId. + + // Available properties of the response: + _ = response.SessionUrl; // The URL to be loaded in the Widget to start the biometric session. + _ = response.SessionId; // The ID of the session. + _ = response.SessionType; // The type of the session (IdentificationDocumentCapture). + + return response; } - [HttpGet("identification/status")] - public async Task GetIdentificationSessionStatusAsync(string ticket) { - if (Guid.TryParse(ticket, out var result)) { - return await restBioService.GetIdentificationStatusAsync(result); + [HttpPost("identification/completion")] + public async Task GetIdentificationSessionCompletionAsync(CompleteBioSessionRequest request) { + + // This is an example of how to complete an identification session. + // You must implement your own security measures to ensure that only users + // you want to have access to this endpoint can call it. + + // By calling the following endpoint, you will get the final status of the + // biometric session. + + var result = await restBioService.CompleteIdentificationSessionAsync(request.Ticket); + + // Available properties of the result: + var sessionId = result.SessionId; // The ID of the session. + + // Authentication-specific properties (the exact properties may vary based on the actual model structure): + // Note: The properties below are based on the liveness model and may need adjustment for authentication + // You should verify the actual properties available in BioAuthenticationSessionStatusModel + + var success = result.Success; // Whether the biometric session was successful or not. + + if (success == true) { + // The biometric session was successful and the user was authenticated. + + } else if (success == false) { + // The biometric session was completed, but authentication failed. + // Here you may want to retry, lock the account, or implement other security measures. + + } else { + // The biometric session is still in progress. This should not happen here, + // as the Widget will only provide a complete ticket when the session is completed + // (either successfully or not). } - return await restBioService.GetIdentificationStatusAsync(ticket); + return result; + } + [HttpGet("identification/status")] + public async Task GetIdentificationSessionStatusAsync(Guid sessionId) { + return await restBioService.GetIdentificationSessionStatusAsync(sessionId); } }