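/// <summary>
/// Sends a password-reset link by SMS to the account registered under
/// <paramref name="phoneNumber"/>.
/// </summary>
/// <param name="phoneNumber">Phone number supplied by the caller; treated as untrusted input.</param>
/// <returns>
/// JSON <c>{ status = 0 }</c> once the SMS has been handed to the SMS service, or
/// <c>{ status = -1, message = ... }</c> when no usable account matches the number.
/// </returns>
/// <remarks>
/// NOTE(review): the distinct "not registered" answer tells any caller whether a phone number
/// has an account. If that disclosure is not intended, return the same response on both paths.
/// NOTE(review): nothing visible here limits how often this action can be called for one number
/// or from one client. Confirm that throttling exists elsewhere, since each call sends an SMS
/// and issues a fresh code.
/// </remarks>
public JsonResult TextPasswordResetCode(string phoneNumber)
{
    // Reject an empty number before querying. Depending on the ORM's null-comparison settings,
    // a null argument could otherwise match a row whose PhoneNumber is NULL, and a reset link
    // for that account would then be generated with no destination.
    if (string.IsNullOrWhiteSpace(phoneNumber))
    {
        return Json(new { status = -1, message = "This number is not registered with us" });
    }

    using (var db = new WorktripEntities())
    {
        var user = db.Users.FirstOrDefault(u => u.PhoneNumber == phoneNumber);

        // The token provider dereferences the identity user, so a row that exists in Users but
        // cannot be loaded through the UserManager is handled like an unknown number instead of
        // surfacing as an unhandled exception.
        var identityUser = user == null ? null : UserManager.FindById(user.Id);
        if (identityUser == null)
        {
            return Json(new { status = -1, message = "This number is not registered with us" });
        }

        // The TOTP provider derives a short-lived numeric code (six digits in ASP.NET Identity 2)
        // from the user's security stamp, bound to the "smspwcode" purpose.
        // .Result blocks the request thread; the action stays synchronous to keep its signature.
        var tokenProvider = new TotpSecurityStampBasedTokenProvider<ApplicationUser, String>();
        string code = tokenProvider.GenerateAsync("smspwcode", UserManager, identityUser).Result;

        // NOTE(review): the absolute link takes its scheme (and, via Url.Action, its host) from
        // the current request. Confirm the site is reachable only over HTTPS and only under its
        // expected host name, so the texted link cannot point anywhere else.
        var callbackUrl = Url.Action(
            "ResetPassword",
            "Home",
            new { userId = user.Id, code = code },
            protocol: Request.Url.Scheme);

        UserManager.SmsService.Send(new IdentityMessage
        {
            Destination = phoneNumber,
            Body = "Your WorkTrip Password Reset Link: " + callbackUrl
        });

        return Json(new { status = 0 });
    }
}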
/// <summary>
/// Creates the user manager over <paramref name="store"/> and wires up its validators and
/// token provider.
/// </summary>
/// <param name="store">User store passed through to the base manager.</param>
public ApplicationUserManager(IUserStore<User, int> store)
    : base(store)
{
    // User names may contain non-alphanumeric characters; e-mail addresses must be unique.
    var userValidator = new UserValidator<User, int>(this);
    userValidator.AllowOnlyAlphanumericUserNames = false;
    userValidator.RequireUniqueEmail = true;
    UserValidator = userValidator;

    // NOTE(review): the only password rule configured here is a minimum length of 6.
    // Confirm this matches the product's password policy.
    PasswordValidator = new MinimumLengthValidator(6);

    // NOTE(review): every token this manager issues through UserTokenProvider comes from the
    // TOTP provider, i.e. a short time-based numeric code rather than a long random token.
    // Make sure every endpoint that accepts such a code limits failed attempts.
    UserTokenProvider = new TotpSecurityStampBasedTokenProvider<User, int>();
}
/// <summary>
/// Exploratory check of how long a TOTP code derived from a user's security stamp keeps
/// validating as the clock moves forward.
/// </summary>
/// <remarks>
/// The method generates one code at a fixed instant and validates it once per simulated second
/// for 600 seconds. It asserts nothing, so it cannot fail on a wrong validity window.
/// The author's disabled assertions expected the code to validate at 0, +/-3 and +/-6 minutes
/// and to be rejected at +/-10 minutes; the disabled scratch code used a 3-minute time step.
/// NOTE(review): the security stamp is read through a real ApplicationDbContext for a
/// hard-coded user id, so the test needs that row to exist in the configured database.
/// </remarks>
public void TokenTest()
{
    // ARRANGE
    const string userId = "f2fc1e53-de75-4ca9-9453-fb6183754562";

    var store = new UserStore<ApplicationUser>(new ApplicationDbContext());
    var passwordValidator = new PasswordValidator();
    var tokenProvider = new TotpSecurityStampBasedTokenProvider<ApplicationUser, string>();
    var manager = new ApplicationUserManager(store, tokenProvider, passwordValidator, null);

    // The TOTP secret is the UTF-16 encoding of the user's security stamp.
    var stampBytes = Encoding.Unicode.GetBytes(manager.GetSecurityStamp(userId));
    var securityToken = new SecurityToken(stampBytes);

    // Fixed issue time, so the simulated clock below is reproducible.
    var issuedAt = new DateTime(2017, 8, 19, 11, 57, 0, DateTimeKind.Utc);
    var code = Rfc6238AuthenticationService.GenerateCode(securityToken, issuedAt);

    // ACT
    for (var elapsedSeconds = 0; elapsedSeconds < 600; elapsedSeconds++)
    {
        var simulatedNow = issuedAt.AddSeconds(elapsedSeconds);
        var accepted = Rfc6238AuthenticationService.ValidateCode(securityToken, code, simulatedNow);
        if (accepted)
        {
            continue;
        }

        // Rejected at this offset; nothing is recorded or asserted.
    }

    // ASSERT
    // No assertions are active.
}
/// <summary>
/// Builds an <c>ApplicationUserManager</c> with the TOTP token provider and requests a user
/// token for a hard-coded user id.
/// </summary>
/// <remarks>
/// The method asserts nothing; the generated token is discarded.
/// NOTE(review): it runs against a real ApplicationDbContext, so the hard-coded user must
/// exist in the configured database.
/// </remarks>
public void GetUser()
{
    // ARRANGE
    // Scratch arithmetic on 3-minute time steps since the Unix epoch. None of these values
    // is used by the rest of the method.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var step = TimeSpan.FromMinutes(3.0);
    long r = (DateTime.UtcNow - epoch).Ticks / step.Ticks;
    long r1 = (DateTime.UtcNow.AddMinutes(6) - epoch).Ticks / step.Ticks;
    // NOTE(review): r is a step counter, yet it is passed to FromTicks as if it were ticks.
    var t = TimeSpan.FromTicks(r + 2);

    var store = new UserStore<ApplicationUser>(new ApplicationDbContext());
    var passwordValidator = new PasswordValidator();
    var tokenProvider = new TotpSecurityStampBasedTokenProvider<ApplicationUser, string>();
    var manager = new ApplicationUserManager(store, tokenProvider, passwordValidator, null);

    // ACT
    // "Any" is the purpose string the token is bound to.
    var token = manager.GenerateUserToken("Any", "f2fc1e53-de75-4ca9-9453-fb6183754562");

    // ASSERT
    // No assertions are present.
}
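/// <summary>
/// Completes an SMS password reset: checks the texted TOTP code for the user and, when it is
/// valid, sets the new password.
/// </summary>
/// <param name="userId">Id of the account being reset; caller-supplied and untrusted.</param>
/// <param name="code">The code from the SMS link, issued for the "smspwcode" purpose.</param>
/// <param name="password">The new password; still subject to the manager's password validator.</param>
/// <returns>JSON <c>{ status = 0 }</c> on success, <c>{ status = -1 }</c> on any failure.</returns>
/// <remarks>
/// NOTE(review): the texted code is a short numeric TOTP value and nothing visible here counts
/// or limits failed attempts. Confirm that throttling or lockout is applied to this action
/// (for example the manager's access-failed counter), otherwise the code's short length is the
/// only protection during its validity window.
/// </remarks>
public JsonResult ResetTextPassword(string userId, string code, string password)
{
    var success = false;

    // An unknown or missing userId gives the same failure response as a wrong code.
    // Passing a null user on to the token provider would throw instead.
    var user = string.IsNullOrWhiteSpace(userId) ? null : UserManager.FindById(userId);

    if (user != null && !string.IsNullOrEmpty(code) && !string.IsNullOrEmpty(password))
    {
        var tokenGenerator = new TotpSecurityStampBasedTokenProvider<ApplicationUser, String>();

        // .Result blocks the request thread; the action stays synchronous to keep its signature.
        var validCode = tokenGenerator.ValidateAsync("smspwcode", code, UserManager, user).Result;

        if (validCode)
        {
            // The SMS code only authorises the reset. The password change itself goes through
            // the manager's regular reset token, minted and consumed here on the server.
            string pwCode = UserManager.GeneratePasswordResetToken(userId);
            var result = UserManager.ResetPassword(userId, pwCode, password);
            success = result.Succeeded;
        }
    }

    return Json(new { status = success ? 0 : -1 });
}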