public async Task <IActionResult> GenerateOTP([FromBody] PhoneLoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await GetUser(model);
if (user == null)
{
return(BadRequest("No User found in database on this phone no."));
}
var response = await SendSmsRequet(model, user);
if (!response.Result)
{
return(BadRequest("Sending sms failed"));
}
var protectToken = await _userManager.GenerateUserTokenAsync(user, "Default", TokenPurpose.MobilePasswordAuth);
var body = GetBody(response.VerifyToken, protectToken);
return(Accepted(body));
}
public async Task <IActionResult> Put(string resendToken, [FromBody] PhoneLoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await GetUser(model);
if (!await _dataProtectorTokenProvider.ValidateAsync("resend_token", resendToken, _userManager, user))
{
return(BadRequest("Invalid resend token"));
}
var response = await SendSmsRequet(model, user);
if (!response.Result)
{
return(BadRequest("Sending sms failed"));
}
var newResendToken = await _dataProtectorTokenProvider.GenerateAsync("resend_token", _userManager, user);
var body = GetBody(response.VerifyToken, newResendToken);
return(Accepted(body));
}
public async Task <IActionResult> Post([FromBody] PhoneLoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await GetUser(model);
var(verifyToken, result) = await SendSmsRequet(model, user);
if (!result)
{
return(BadRequest("Sending sms failed"));
}
var resendToken = await _dataProtectorTokenProvider.GenerateAsync("resend_token", _userManager, user);
var body = new Dictionary <string, string>
{
{ "resend_token", resendToken }
};
return(Accepted(body));
}
private async Task<(string VerifyToken, bool Result)> SendSmsRequet(PhoneLoginViewModel model,
ApplicationUser user)
{
var verifyToken = await _phoneNumberTokenProvider.GenerateAsync("verify_number", _userManager, user);
var result =
await _smsService.SendAsync(model.PhoneNumber, $"Your login verification code is: {verifyToken}");
return (verifyToken, result);
}
async Task <(string VerifyToken, bool Result)> SendSmsRequet(PhoneLoginViewModel model, UserIdentity user)
{
var verifyToken = await _phoneNumberTokenProvider.GenerateAsync(TokenPurpose.MobilePasswordAuth, _userManager, user);
var sms = $"<#>{Environment.NewLine}Your OTP Code is:{verifyToken}{Environment.NewLine}[{model.AppHash}]";
var result = await _smsService.SendAsync(model.PhoneNumber, sms);
return(verifyToken, result);
}
public async Task <IActionResult> Put(string resendToken, [FromBody] PhoneLoginViewModel loginViewModel)
{
var user = await GetUser(loginViewModel);
if (!await _dataProtectorTokenProvider.ValidateAsync("resend_token", resendToken, _userManager, user))
{
return(BadRequest("Invalid verificationId"));
}
return(Accepted());
}
private async Task<ApplicationUser> GetUser(PhoneLoginViewModel loginViewModel)
{
var phoneNumber = _userManager.NormalizeKey(loginViewModel.PhoneNumber);
var user = await _userManager.Users.SingleOrDefaultAsync(x => x.PhoneNumber == phoneNumber)
?? new ApplicationUser
{
PhoneNumber = loginViewModel.PhoneNumber,
SecurityStamp = new Secret("your_secret_key").Value + loginViewModel.PhoneNumber.Sha256()
};
return user;
}
private async Task <User> GetUser(PhoneLoginViewModel loginViewModel)
{
var phoneNumber = _userManager.NormalizeKey(loginViewModel.PhoneNumber);
var user = await _userManager.Users.SingleOrDefaultAsync(x => x.PhoneNumber == phoneNumber)
?? new User
{
Id = -1,
PhoneNumber = loginViewModel.PhoneNumber,
SecurityStamp = loginViewModel.PhoneNumber.Sha256(),
};
return(user);
}
public async Task <IActionResult> Post([FromBody] PhoneLoginViewModel loginViewModel)
{
var user = await GetUser(loginViewModel);
var resendToken = await _dataProtectorTokenProvider.GenerateAsync("resend_token", _userManager, user);
var token = await _phoneNumberTokenProvider.GenerateAsync("verify_number", _userManager, user);
var success = await _smsService.SendAsync(loginViewModel.PhoneNumber, $"Your Autostop verification code is: {token}");
var result = new Dictionary <string, string> {
{ "resend_token", resendToken }
};
return(success ? (IActionResult)Accepted(result) : BadRequest());
}
async Task <UserIdentity> GetUser(PhoneLoginViewModel loginViewModel)
{
var phoneNumber = loginViewModel.PhoneNumber;
return(await _userManager.Users.FirstOrDefaultAsync(x => x.PhoneNumber == phoneNumber));
}
public async Task <IActionResult> GenerateOTP([FromForm] string protectToken, [FromForm] PhoneLoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await GetUser(model);
if (!await _userManager.VerifyUserTokenAsync(user, "Default", TokenPurpose.MobilePasswordAuth, protectToken))
{
return(BadRequest("Invalid protect token"));
}
var response = await SendSmsRequet(model, user);
if (!response.Result)
{
return(BadRequest("Sending sms failed"));
}
var newProtectToken = await _userManager.GenerateUserTokenAsync(user, "Default", TokenPurpose.MobilePasswordAuth);
var body = GetBody(response.VerifyToken, newProtectToken);
return(Accepted(body));
}
