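/// <summary>
/// Changes the password of the currently signed-in user after re-checking the old password.
/// </summary>
/// <param name="oldPassword">Current password; hashed with the stored salt and compared with the stored hash.</param>
/// <param name="newPassword">Replacement password; hashed with the stored salt before it is saved.</param>
/// <returns>
/// <c>true</c> when the stored hash was replaced; <c>false</c> when no user is signed in,
/// when the new password is null or empty, or when any exception is caught and logged.
/// This includes the <c>BusinessException</c>s thrown below, so callers only ever observe <c>false</c>.
/// </returns>
public bool UpdatePassword(String oldPassword, String newPassword)
{
    try
    {
        // No authenticated user: nothing to update.
        if (CurrentUser.Id == default(Guid))
        {
            return false;
        }

        // Refuse to store a hash of an empty password.
        if (string.IsNullOrEmpty(newPassword))
        {
            return false;
        }

        var manager = Repository.FirstOrDefault(p => p.Id == CurrentUser.Id && p.State == (int)EnumState.Normal);
        if (manager == null)
        {
            throw new BusinessException(BusinessResultCode.NoUser, "用户不存在或被删除");
        }

        // The unused TOTP key and validator locals were removed: this path never validates a
        // one-time code, and leaving them in suggested a second factor that is not enforced here.
        // NOTE(review): if a password change should require a second factor, the signature needs
        // a code parameter; confirm the intended policy.

        // NOTE(review): Equals is not guaranteed to run in constant time; if Pwd is a string or
        // byte hash, prefer a fixed-time comparison such as
        // CryptographicOperations.FixedTimeEquals on the bytes. Confirm the type of Pwd first.
        var currentHash = GetHashPwd(oldPassword, manager.Salt);
        if (!currentHash.Equals(manager.Pwd))
        {
            throw new BusinessException(BusinessResultCode.NoUserOrPasswordError, "用户不存在或密码错误");
        }

        // NOTE(review): the existing salt is reused for the new hash; rotating it on change is
        // preferable, but check first whether anything else is derived from Salt.
        manager.Pwd = GetHashPwd(newPassword, manager.Salt);
        Repository.Update(manager);
        return true;
    }
    catch (Exception ex)
    {
        // Deliberate catch-all kept from the original: every failure is logged and reported as false.
        Log4NetHelper.WriteError(GetType(), ex, $"修改密码错误-{ex.Message}");
        return false;
    }
}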
/// <summary>
/// Checks a user-supplied one-time code against the given secret.
/// </summary>
/// <param name="code">Code as typed by the user; must parse as an integer.</param>
/// <param name="secret">Secret handed to the validator together with the parsed code.</param>
/// <returns>
/// <c>false</c> when <paramref name="code"/> is null or not an integer; otherwise the result of
/// <c>TotpValidator.Validate</c> for the secret, the parsed code and <c>GenerationPeriodSeconds</c>.
/// </returns>
public static bool Validate(string code, string secret)
{
    // A missing code can never be valid.
    if (code == null)
    {
        return false;
    }

    // Anything that is not an integer is rejected before the validator is built.
    int parsedCode;
    if (!int.TryParse(code, out parsedCode))
    {
        return false;
    }

    var checker = new TotpValidator(_totpGenerator);
    return checker.Validate(secret, parsedCode, GenerationPeriodSeconds);
}
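/// <summary>
/// Checks a token submitted for a phone number against the stored token and the TOTP validator.
/// </summary>
/// <param name="phoneNumber">Phone number whose stored token is looked up in the repository.</param>
/// <param name="token">Token supplied by the caller.</param>
/// <returns>
/// The result of <c>TotpValidator.Validate</c> for the secret key, the token and the configured
/// token lifetime.
/// </returns>
/// <exception cref="UnregisteredPhoneNumberException">The repository returned 0 for the phone number.</exception>
/// <exception cref="InvalidTokenException">The supplied token differs from the stored one.</exception>
public bool ValidateToken(string phoneNumber, int token)
{
    // There must be no unconditional early return ahead of these checks: one would make the rest
    // of the method unreachable and accept every token for every phone number.
    var existingToken = _totpTokenRepository.GetToken(phoneNumber);

    // The code treats 0 from the repository as "no token issued for this number".
    if (existingToken == 0)
    {
        throw new UnregisteredPhoneNumberException();
    }

    if (existingToken != token)
    {
        throw new InvalidTokenException();
    }

    // Matching the stored value is not enough; the token must also pass the validator for the
    // configured lifetime.
    var totpValidator = new TotpValidator(_totpGenerator);
    return totpValidator.Validate(_secretKey, token, _totpTokenLifetimeInSeconds);
}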
/// <summary>
/// Builds the validator and the generator used by the tests, each with its parameterless constructor.
/// </summary>
public TotpValidatorTests()
{
    // Same construction order as before: validator first, then generator.
    totpValidator = new TotpValidator();
    totpGenerator = new TotpGenerator();
}
/// <summary>
/// Builds the generator first, then a validator that is constructed from that same generator.
/// </summary>
public TotpValidatorTests()
{
    // The generator has to exist before the validator, which receives it as a constructor argument.
    this.totpGenerator = new TotpGenerator();
    this.totpValidator = new TotpValidator(this.totpGenerator);
}
/// <summary>
/// Signs a manager in with user name, password and one-time verification code.
/// </summary>
/// <param name="userName">Account name to look up.</param>
/// <param name="password">Password to hash and compare with the stored hash.</param>
/// <param name="authenticateNum">One-time verification code.</param>
/// <returns>Sign-in result; on success it carries the user's basic information.</returns>
public ExcutedResult SignIn(string userName, string password, int authenticateNum)
{
    // Look the account up by name; only accounts in the Normal state are considered.
    var manager = Repository.FirstOrDefault(p => p.Account == userName && p.State == (int)EnumState.Normal);
    if (manager == null)
    {
        // NOTE(review): this message differs from the wrong-credentials message further down
        // although both carry NoUserOrPasswordError. If the message reaches the client, it
        // discloses whether an account exists; consider returning one shared text.
        return ExcutedResult.FailedResult(BusinessResultCode.NoUserOrPasswordError, "用户不存在或被删除");
    }

    // Lockout: more than five recorded failures block sign-in for 12 hours after the last one.
    // NOTE(review): the counter is keyed to the account alone, so anyone who knows an account
    // name can keep it locked; confirm that rate limiting exists upstream.
    if (manager.ErrorTimes > 5)
    {
        if (!manager.LastErrorTime.HasValue)
        {
            // No timestamp recorded yet: start the lockout window now and persist it.
            manager.LastErrorTime = DateTime.UtcNow;
            var lockedUntil = manager.LastErrorTime.Value.AddHours(12);
            Repository.Update(manager);
            return ExcutedResult.FailedResult(BusinessResultCode.AccountLockedTryLater, $"{BusinessResultCode.AccountLockedTryLater}:{lockedUntil.ToStandardFormat()}。");
        }

        var unlockAt = manager.LastErrorTime.Value.AddHours(12);
        if (unlockAt > DateTime.UtcNow)
        {
            return ExcutedResult.FailedResult(BusinessResultCode.AccountLockedTryLater, $"{BusinessResultCode.AccountLockedTryLater}:{unlockAt.ToStandardFormat()}。");
        }
        // Window elapsed: fall through. ErrorTimes is reset only by a successful sign-in.
    }

    // The TOTP key is the account id concatenated with the password salt.
    // NOTE(review): both values are stored with the account, so read access to the record is
    // enough to compute valid codes; a separately stored, random per-user secret would be safer.
    var totpKey = manager.Id + manager.Salt;
    var totp = new TotpValidator(new TotpGenerator());

    // Per the original comment: hashpwd = hash(salt + hash(password + salt)).
    var suppliedHash = GetHashPwd(password, manager.Salt);

    // The code is checked first; the hash comparison runs only when the code was accepted.
    // NOTE(review): Equals is not guaranteed to run in constant time; confirm the type of Pwd
    // and prefer a fixed-time comparison.
    bool accepted = totp.Validate(totpKey, authenticateNum) && suppliedHash.Equals(manager.Pwd);

    ExcutedResult outcome;
    if (!accepted)
    {
        // Record the failure; the same message is returned whichever factor was wrong.
        manager.ErrorTimes++;
        manager.LastErrorTime = DateTime.UtcNow;
        outcome = ExcutedResult.FailedResult(BusinessResultCode.NoUserOrPasswordError, "用户不存在或密码错误");
    }
    else
    {
        // Success clears the failure bookkeeping and stamps the login time.
        manager.ErrorTimes = 0;
        manager.LastErrorTime = null;
        manager.LastLoginTime = DateTime.UtcNow;

        var principal = new PrincipalUser
        {
            UserName = manager.Account,
            Id = manager.Id,
            Mobile = manager.Mobile,
            NickName = manager.Name,
            Role = manager.ManagerType
        };
        outcome = ExcutedResult.SuccessResult(principal);
    }

    // Persist the updated counters and timestamps in both outcomes.
    Repository.Update(manager);
    return outcome;
}
/// <summary>
/// Stores the options monitor and creates the TOTP generator and a validator built on it.
/// </summary>
/// <param name="options">Captcha options monitor; stored as given, without a null check.</param>
public TotpCatpcha(IOptionsMonitor<CaptchaOptions> options)
{
    this.Options = options;

    // The validator is constructed from the generator assigned on the line above.
    this.TotpGenerator = new TotpGenerator();
    this.TotpValidator = new TotpValidator(this.TotpGenerator);
}