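        /// <summary>
        /// Checks a one-time password for an account: first against the OTP app
        /// secret registered for the account (when one exists), then against the
        /// SMS OTP sent to <paramref name="tel"/>.
        /// </summary>
        /// <param name="accountId">Account the OTP was issued for.</param>
        /// <param name="tel">Phone number used for the SMS OTP fallback.</param>
        /// <param name="otp">OTP value supplied by the user.</param>
        /// <returns>
        /// <c>true</c> when either validator accepts the OTP; <c>false</c> otherwise,
        /// including when the OTP is missing or any lookup throws (fail closed).
        /// </returns>
        public bool ValidateOTP(long accountId, string tel, string otp)
        {
            try
            {
                // A missing OTP is never valid; reject it before consulting either validator.
                if (string.IsNullOrEmpty(otp))
                {
                    return false;
                }

                // App OTP: only attempted when an OTP app token is registered for the account.
                var appInfo = OtpDAO.GetCurrentCounter(accountId);
                string appToken = appInfo?.AppT;
                if (!string.IsNullOrEmpty(appToken))
                {
                    // The app secret is derived from accountId and the registered token via
                    // Security.MD5Encrypt; OTPApp must derive the same value, so the formula is kept.
                    string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                    if (OTPApp.ValidateOTP(appSecret, otp))
                    {
                        return true;
                    }
                }

                // SMS OTP fallback. This path stays available even when an app token is
                // registered, so registering the app does not disable SMS delivery.
                return OTP.OTP.ValidateOTP(accountId, otp, tel);
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return false;
        }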
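        /// <summary>
        /// Locks or unlocks gold on the current session's account.
        /// </summary>
        /// <param name="amount">Amount of gold; must be positive.</param>
        /// <param name="typeLock">Lock type. Only type 2 requires OTP confirmation in this method; other types proceed without it.</param>
        /// <param name="otp">OTP supplied by the user (app or SMS); only consulted when <paramref name="typeLock"/> is 2.</param>
        /// <returns>
        /// A <see cref="LockGold"/> with <c>ResponseCode</c> 1 and the resulting balance on success,
        /// -60 when the OTP is rejected, and -99 for a non-positive amount or an internal error.
        /// </returns>
        public LockGold UpdateLockGold(long amount, int typeLock, string otp = "")
        {
            try
            {
                if (amount <= 0)
                {
                    return new LockGold { ResponseCode = -99 };
                }

                var accountId = AccountSession.AccountID;

                if (typeLock == 2)
                {
                    // Fail closed on a missing OTP before consulting either validator.
                    if (string.IsNullOrEmpty(otp))
                    {
                        return new LockGold { ResponseCode = -60 };
                    }

                    var account = AccountDAO.GetAccountById(accountId);

                    // App OTP: only attempted when an OTP app token is registered for the account.
                    bool appOtpAccepted = false;
                    var appInfo = OtpDAO.GetCurrentCounter(accountId);
                    string appToken = appInfo?.AppT;
                    if (!string.IsNullOrEmpty(appToken))
                    {
                        string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                        appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                    }

                    // SMS OTP (sent to the account's phone) is consulted only when the app OTP did not pass.
                    if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, account.Tel))
                    {
                        return new LockGold { ResponseCode = -60 };
                    }
                }

                SecurityDAO.UpdateLockGold(accountId, amount, typeLock, "user lock", out long currGold);
                return new LockGold
                {
                    ResponseCode = 1,
                    CurrentGold = currGold,
                };
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return new LockGold { ResponseCode = -99 };
        }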
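        /// <summary>
        /// Changes the phone number bound to the current session's account after OTP confirmation.
        /// When a number is already on file, the OTP must have been sent to that existing number
        /// (its holder authorises the change). When no number is on file, the OTP must either come
        /// from the registered OTP app or confirm possession of the new number by SMS.
        /// </summary>
        /// <param name="phoneNumber">New phone number.</param>
        /// <param name="otp">OTP supplied by the user.</param>
        /// <returns>1 on success; -54 for an invalid phone number; -60 when the OTP is rejected; -99 on error.</returns>
        public int UpdatePhoneNumber(string phoneNumber, string otp)
        {
            try
            {
                if (!PhoneDetector.IsValidPhone(phoneNumber))
                {
                    return -54;
                }

                // Fail closed on a missing OTP before consulting any validator.
                if (string.IsNullOrEmpty(otp))
                {
                    return -60;
                }

                var accountId = AccountSession.AccountID;
                var account = AccountDAO.GetAccountById(accountId);

                if (!string.IsNullOrEmpty(account.Tel))
                {
                    // Existing number on file: the OTP must have gone to it, not to the new number.
                    if (!OTP.OTP.ValidateOTP(accountId, otp, account.Tel))
                    {
                        return -60;
                    }
                }
                else
                {
                    // App OTP: only attempted when an OTP app token is registered for the account.
                    bool appOtpAccepted = false;
                    var appInfo = OtpDAO.GetCurrentCounter(accountId);
                    string appToken = appInfo?.AppT;
                    if (!string.IsNullOrEmpty(appToken))
                    {
                        string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                        appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                    }

                    // No number on file: the SMS OTP proves possession of the new number.
                    if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, phoneNumber))
                    {
                        return -60;
                    }
                }

                SecurityDAO.UpdatePhoneNumber(accountId, phoneNumber);
                return 1;
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return -99;
        }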
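        /// <summary>
        /// Changes the password of the current session's account. The OTP (app, or SMS to the
        /// account's phone) is checked first, then both passwords must match the allowed pattern,
        /// and the old password must match the stored credential.
        /// </summary>
        /// <param name="old">Current password.</param>
        /// <param name="pass">New password.</param>
        /// <param name="otp">OTP supplied by the user.</param>
        /// <returns>
        /// 1 on success; -60 when the OTP is rejected; -30 when a password does not match the
        /// allowed pattern; -31 when the old password is wrong; -99 on error.
        /// </returns>
        public int ChangePass(string old, string pass, string otp)
        {
            try
            {
                // Fail closed on a missing OTP before consulting either validator.
                if (string.IsNullOrEmpty(otp))
                {
                    return -60;
                }

                var accountId = AccountSession.AccountID;
                var accountInfo = AccountDAO.GetAccountInfo(accountId);

                // App OTP: only attempted when an OTP app token is registered for the account.
                bool appOtpAccepted = false;
                var appInfo = OtpDAO.GetCurrentCounter(accountId);
                string appToken = appInfo?.AppT;
                if (!string.IsNullOrEmpty(appToken))
                {
                    string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                    appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                }

                // SMS OTP is consulted only when the app OTP did not pass.
                if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, accountInfo.Tel))
                {
                    return -60;
                }

                // Allowed password alphabet and length. The static overload uses the regex cache,
                // so the pattern is not recompiled on every call.
                const string passwordPattern = "^[a-zA-Z0-9_.-]{6,18}$";
                if (!Regex.IsMatch(old, passwordPattern) || !Regex.IsMatch(pass, passwordPattern))
                {
                    return -30;
                }

                // NOTE(review): credentials are compared and stored as Security.MD5Encrypt output,
                // which appears to be an unsalted MD5 digest. It is kept here because SecurityDAO
                // expects that format; replacing it needs a salted, slow hash (e.g. PBKDF2) plus a
                // migration of stored hashes — outside this method's scope.
                string oldHash = Security.MD5Encrypt(old);
                var account = SecurityDAO.GetByIdPass(accountId, oldHash);
                if (account == null)
                {
                    return -31;
                }

                SecurityDAO.ChangePassword(accountId, oldHash, Security.MD5Encrypt(pass));
                return 1;
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return -99;
        }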
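        /// <summary>
        /// Intermediate step of the password-reset flow: verifies the time-limited token issued by
        /// the previous step, checks the OTP (app, or SMS to the phone number embedded in the token)
        /// and returns a fresh token for the next step.
        /// </summary>
        /// <param name="token">URL-encoded TripleDES token with the layout "ticks|accountId|phoneNumber".</param>
        /// <param name="otp">OTP supplied by the user.</param>
        /// <returns>
        /// A new encrypted token on success; "-1" when the token is older than 120 seconds;
        /// "-60" when the OTP is rejected; "-99" when the token is malformed or an error occurs.
        /// </returns>
        public string RequestChangePass(string token, string otp)
        {
            try
            {
                string otpKey = ConfigurationManager.AppSettings["OTPKey"];

                // '+' in the URL-decoded token comes back as a space; restore it before decrypting.
                string encoded = System.Web.HttpUtility.UrlDecode(token).Replace(" ", "+");
                string[] parts = Security.TripleDESDecrypt(otpKey, encoded).Split('|');
                if (parts.Length < 3)
                {
                    // Malformed token; same outcome the out-of-range index would have produced.
                    return "-99";
                }

                // Tokens are stamped with DateTime.Now ticks (see the token built below), so the
                // expiry check must use the same clock. Lifetime is 120 seconds.
                long issuedTicks = long.Parse(parts[0]);
                if (TimeSpan.FromTicks(DateTime.Now.Ticks - issuedTicks).TotalSeconds > 120)
                {
                    return "-1"; // expired token
                }

                long accountId = Convert.ToInt64(parts[1]);
                string phoneNumber = parts[2];

                // Fail closed on a missing OTP before consulting either validator.
                if (string.IsNullOrEmpty(otp))
                {
                    return "-60";
                }

                // App OTP: only attempted when an OTP app token is registered for the account.
                bool appOtpAccepted = false;
                var appInfo = OtpDAO.GetCurrentCounter(accountId);
                string appToken = appInfo?.AppT;
                if (!string.IsNullOrEmpty(appToken))
                {
                    string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                    appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                }

                // SMS OTP (sent to the number carried in the token) is consulted only when the app OTP did not pass.
                if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, phoneNumber))
                {
                    return "-60";
                }

                // NOTE(review): nothing here marks the incoming token as consumed, so it remains
                // usable within its 120 s window unless OTP validation itself is one-shot — confirm.
                string nextToken = $"{DateTime.Now.Ticks}|{accountId}|{phoneNumber}";
                return Security.TripleDESEncrypt(otpKey, nextToken);
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return "-99";
        }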
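        /// <summary>
        /// Registers or cancels the "SMS Plus" service for the current session's account.
        /// Cancelling requires OTP confirmation (app, or SMS to the account's phone);
        /// registering does not.
        /// </summary>
        /// <param name="isCancel"><c>true</c> to cancel the service, <c>false</c> to register it.</param>
        /// <param name="otp">OTP supplied by the user; only consulted when <paramref name="isCancel"/> is <c>true</c>.</param>
        /// <returns>1 on success; -60 when the OTP is rejected; -99 when no phone number is on file or an error occurs.</returns>
        public int UpdateRegisterSMSPlus(bool isCancel, string otp = "")
        {
            try
            {
                var accountId = AccountSession.AccountID;
                var accountInfo = AccountDAO.GetAccountInfo(accountId);

                // The service is phone-bound; without a number there is nothing to register or cancel.
                if (string.IsNullOrEmpty(accountInfo.Tel))
                {
                    return -99;
                }

                if (isCancel)
                {
                    // Fail closed on a missing OTP before consulting either validator.
                    if (string.IsNullOrEmpty(otp))
                    {
                        return -60;
                    }

                    // App OTP: only attempted when an OTP app token is registered for the account.
                    bool appOtpAccepted = false;
                    var appInfo = OtpDAO.GetCurrentCounter(accountId);
                    string appToken = appInfo?.AppT;
                    if (!string.IsNullOrEmpty(appToken))
                    {
                        string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                        appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                    }

                    // SMS OTP is consulted only when the app OTP did not pass.
                    if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, accountInfo.Tel))
                    {
                        return -60;
                    }
                }

                SecurityDAO.UpdateRegisterSMSPlus(accountId, isCancel);
                return 1;
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return -99;
        }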
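        /// <summary>
        /// Transfers gold from the current session's account to another account after OTP
        /// confirmation (app, or SMS to the sender's phone). Non-agency senders go through
        /// <c>TransactionDAO.SendGold</c>; level-2 agencies go through <c>TransactionDAO.Transfer</c>.
        /// </summary>
        /// <param name="accountName">Recipient account name.</param>
        /// <param name="amount">Gross amount entered by the user; must be at least 10200.</param>
        /// <param name="reason">Free-text reason, passed to the transaction and written to the log.</param>
        /// <param name="otp">OTP supplied by the user.</param>
        /// <returns>
        /// The transaction DAO's result on success; -60 when the OTP is rejected; -58 when the
        /// recipient does not exist; -80 when the amount is below the minimum; -99 for an
        /// unsupported agency level or an error.
        /// </returns>
        public long Transfer2(string accountName, long amount, string reason, string otp)
        {
            try
            {
                // Fail closed on a missing OTP before consulting either validator.
                if (string.IsNullOrEmpty(otp))
                {
                    return -60;
                }

                var accountId = AccountSession.AccountID;
                var accountInfo = AccountDAO.GetAccountInfo(accountId);

                // App OTP: only attempted when an OTP app token is registered for the account.
                bool appOtpAccepted = false;
                var appInfo = OtpDAO.GetCurrentCounter(accountId);
                string appToken = appInfo?.AppT;
                if (!string.IsNullOrEmpty(appToken))
                {
                    string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                    appOtpAccepted = OTPApp.ValidateOTP(appSecret, otp);
                }

                // SMS OTP is consulted only when the app OTP did not pass.
                if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, otp, accountInfo.Tel))
                {
                    return -60;
                }

                var recipient = AccountDAO.GetAccountByAccountName(accountName);
                if (recipient == null)
                {
                    return -58;
                }

                if (amount < 10200)
                {
                    return -80;
                }

                NLogManager.LogMessage($"Transfer => {accountName}|{amount}|{reason}");

                // The entered amount is treated as gross; the 2% fee is stripped to get the net
                // amount and added back below as the total debited from the sender. Both steps
                // truncate, so gross and total may differ by rounding — kept as in the original.
                long netAmount = (long)(amount / 1.02);
                long fee = (long)(netAmount * 0.02);

                var sender = AccountDAO.GetAccountById(accountId);
                if (!sender.IsAgency)
                {
                    long totalTransfer = netAmount + fee;
                    return TransactionDAO.SendGold(accountId,
                                                   recipient.AccountID,
                                                   AccountSession.AccountName,
                                                   recipient.DisplayName,
                                                   recipient.IsAgency,
                                                   totalTransfer,
                                                   netAmount,
                                                   reason);
                }

                // Agency senders: only level 2 may transfer from here. Agency-to-agency transfers carry no fee.
                var agencyInfo = AccountDAO.GetAgencyInfo(accountId);
                if (agencyInfo.Level != 2)
                {
                    return -99;
                }

                return TransactionDAO.Transfer(
                           agencyInfo.ID,
                           agencyInfo.GameAccountId,
                           agencyInfo.Username,
                           netAmount,
                           recipient.IsAgency ? 0 : fee,
                           agencyInfo.Level,
                           reason,
                           recipient.AccountID,
                           recipient.DisplayName,
                           recipient.IsAgency
                           );
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return -99;
        }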
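        /// <summary>
        /// Completes a two-step login: verifies the time-limited token issued by the first step,
        /// rejects blocked accounts, checks the OTP (app, or SMS to the account's phone), records
        /// the login and sets the authentication cookie.
        /// </summary>
        /// <param name="data">Carries the URL-encoded TripleDES token ("ticks|accountId|displayName|device") and the OTP.</param>
        /// <returns>
        /// <c>Code</c> 1 with the account on success; -1 when the token is older than 120 seconds;
        /// -65 when the account is blocked; -60 when the OTP is rejected; -99 on error.
        /// </returns>
        public ApiAccountReponse LoginOTP(PostLoginOTP data)
        {
            try
            {
                // '+' in the URL-decoded token comes back as a space; restore it before decrypting.
                string encoded = System.Web.HttpUtility.UrlDecode(data.tokenOTP).Replace(" ", "+");
                string[] parts = Security.TripleDESDecrypt(ConfigurationManager.AppSettings["OTPKey"], encoded).Split('|');

                // The token is stamped with DateTime.Now ticks by the issuing step; 120 s lifetime.
                long issuedTicks = long.Parse(parts[0]);
                if (TimeSpan.FromTicks(DateTime.Now.Ticks - issuedTicks).TotalSeconds > 120)
                {
                    return new ApiAccountReponse { Code = -1 }; // expired token
                }

                long accountId = Convert.ToInt64(parts[1]);
                // parts[2] (display name) is not used: the name is taken from the account record below.
                int device = Convert.ToInt32(parts[3]);

                var account = AccountDAO.GetAccountById(accountId);
                if (account == null)
                {
                    return new ApiAccountReponse { Code = -99 };
                }
                if (account.IsBlocked)
                {
                    return new ApiAccountReponse { Code = -65 };
                }

                // Log the attempt without the OTP value: a one-time password is a credential
                // and must not be written to the log.
                NLogManager.LogMessage("LOGIN OTP: " + accountId);

                // Fail closed on a missing OTP before consulting either validator.
                if (string.IsNullOrEmpty(data.otp))
                {
                    return new ApiAccountReponse { Code = -60 };
                }

                // App OTP: only attempted when an OTP app token is registered for the account.
                bool appOtpAccepted = false;
                var appInfo = OtpDAO.GetCurrentCounter(accountId);
                string appToken = appInfo?.AppT;
                if (!string.IsNullOrEmpty(appToken))
                {
                    string appSecret = $"{Security.MD5Encrypt($"{accountId}_{appToken}")}_{appToken}";
                    appOtpAccepted = OTPApp.ValidateOTP(appSecret, data.otp);
                }

                // SMS OTP is consulted only when the app OTP did not pass.
                if (!appOtpAccepted && !OTP.OTP.ValidateOTP(accountId, data.otp, account.Tel))
                {
                    NLogManager.LogMessage("ValidateOTP: " + -60);
                    return new ApiAccountReponse { Code = -60 };
                }

                LogDAO.Login(device, IPAddressHelper.GetClientIP(), accountId, 1);
                SetAuthCookie(accountId, account.DisplayName, device, account.UserType);
                return new ApiAccountReponse
                {
                    Code = 1,
                    Account = account
                };
            }
            catch (Exception ex)
            {
                NLogManager.PublishException(ex);
            }

            return new ApiAccountReponse { Code = -99 };
        }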