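        /// <summary>
        /// Asks the authentication REST service whether <paramref name="code"/> is a valid one-time
        /// password for <paramref name="userName"/> on <paramref name="channelId"/>.
        /// </summary>
        /// <param name="userName">User the code was issued to.</param>
        /// <param name="code">One-time password code supplied by the caller.</param>
        /// <param name="channelId">Delivery channel the code was issued through (e.g. "sms").</param>
        /// <returns>
        /// <c>true</c> only when the service answers with a success status code and a body of "true";
        /// a non-success status or any other body is treated as "not valid".
        /// </returns>
        /// <exception cref="InvalidOperationException">The "authRestServiceUrl" app setting is missing.</exception>
        public async Task<bool> CheckOneTimePasswordCode(string userName, string code, string channelId)
        {
            var urlService = WebConfigurationManager.AppSettings["authRestServiceUrl"];

            if (string.IsNullOrWhiteSpace(urlService))
            {
                // Fail loudly on misconfiguration instead of letting new Uri(null) throw a less descriptive error.
                throw new InvalidOperationException("App setting 'authRestServiceUrl' is not configured.");
            }

            var otpCodeDto = new OtpCodeDto
            {
                UserName            = userName,
                OneTimePasswordCode = code,
                ChannelId           = channelId
            };

            var content = new StringContent(JsonConvert.SerializeObject(otpCodeDto), Encoding.UTF8, ContentType.Json);

            // NOTE(review): a new HttpClient per call exhausts sockets under load; a shared instance
            // (static field or IHttpClientFactory) should own this client. Disposing it here at least
            // releases the handler when the call finishes.
            using (var client = new HttpClient { BaseAddress = new Uri(urlService) })
            using (var response = await client.PostAsync(checkAuthUserEndpoint, content))
            {
                // A non-success answer (e.g. 5xx, 401) must never be mistaken for a valid code: fail closed.
                if (!response.IsSuccessStatusCode)
                {
                    return false;
                }

                var body = await response.Content.ReadAsStringAsync();

                // The service replies with the literal "true"/"false"; tolerate surrounding whitespace only.
                return string.Equals(body?.Trim(), "true", StringComparison.Ordinal);
            }
        }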
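        /// <summary>
        /// Verifies a time-based one-time password for the user named in <paramref name="otpCodeDto"/>
        /// on the requested channel ("sms" or "directline") and, when it validates, issues a JWT and
        /// records the login for that channel.
        /// </summary>
        /// <param name="otpCodeDto">Request body: user name, one-time password code and channel id.</param>
        /// <returns>
        /// <c>true</c> when the code validates against the secret stored for the user on that channel;
        /// <c>false</c> for an unknown channel, an unknown user, a user without a stored secret, or a
        /// code that does not validate.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="otpCodeDto"/> is null.</exception>
        public Task<bool> CheckOneTimePassword([FromBody] OtpCodeDto otpCodeDto)
        {
            if (otpCodeDto == null)
            {
                throw new ArgumentNullException(nameof(otpCodeDto));
            }

            string secretKey;
            string email;
            string userId;

            // Resolve the stored secret for the requested channel. Any channel other than the two
            // known ones must fail closed: validating against an empty secret would accept codes
            // derived from a key the caller can guess.
            if (otpCodeDto.ChannelId == "sms")
            {
                var smsUser = this._context.SmsUser.FirstOrDefault(u => u.UserName == otpCodeDto.UserName);

                if (smsUser == null)
                {
                    return Task.FromResult(false);
                }

                secretKey = smsUser.SecretKey;
                email     = smsUser.EMail;
                userId    = smsUser.UserId;
            }
            else if (otpCodeDto.ChannelId == "directline")
            {
                var directLineUser = this._context.DirectLineUser.FirstOrDefault(u => u.UserName == otpCodeDto.UserName);

                if (directLineUser == null)
                {
                    return Task.FromResult(false);
                }

                secretKey = directLineUser.SecretKey;
                email     = directLineUser.EMail;
                userId    = directLineUser.UserId;
            }
            else
            {
                return Task.FromResult(false);
            }

            if (string.IsNullOrEmpty(secretKey))
            {
                // A user record without an enrolled secret cannot have a valid code.
                return Task.FromResult(false);
            }

            const int otpDigits = 6;

            // One generator, one time sample: the duplicate Key/generator objects and the server-side
            // GenerateOtp call the previous version computed were never used.
            var otp   = new TimeBasedOtpGenerator(new Key(secretKey), otpDigits);
            var time  = GetNistTime();
            var valid = otp.ValidateOtp(otpCodeDto.OneTimePasswordCode, time);

            if (!valid)
            {
                return Task.FromResult(false);
            }

            // NOTE(review): nothing here rejects a code that was already accepted within the same
            // time step; recording the last-used step per user would close that replay window.

            // NOTE(review): the stored expiry (59 min) is one minute shorter than the lifetime passed
            // to GenerateJwtToken (60); confirm which value is authoritative.
            var expirationTime = DateTime.UtcNow.AddMinutes(59);
            var jwt            = new JwtManager().GenerateJwtToken(email, userId, 60);

            if (otpCodeDto.ChannelId == "sms")
            {
                _context.SmsLogin.Add(new Data.Entities.SmsLogin {
                    UserName = otpCodeDto.UserName, ExpirationTime = expirationTime, Jwt = jwt
                });
            }
            else
            {
                _context.DirectLineLogins.Add(new Data.Entities.DirectLineLogins {
                    UserName = otpCodeDto.UserName, ExpirationTime = expirationTime, Jwt = jwt.ToString()
                });
            }

            // Persistence here is synchronous, so the method has no await and returns a completed task.
            _context.SaveChanges();

            return Task.FromResult(true);
        }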