Esempio n. 1
0
        public UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
        {
            string normalizedPhone = PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);

            User existingUser = UserDbQuery.Instance.GetUserFromPhone(normalizedPhone);

            if (existingUser == null)
            {
                throw new Exception("User not registered");
            }

            Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.UserData.Secret, 30, 6);
            if (!oneTimePasswordValidator.Verify(oneTimePassword))
            {
                throw new Exception("Invalid one-time password");
            }

            UserCookie cookie = UserCookie.GetCookie(existingUser.UserData, deviceId);

            if (cookie == null)
            {
                cookie = UserCookie.CreateCookie(existingUser.UserData, deviceId);
            }
            else
            {
                cookie.Update();
            }

            return(cookie);
        }
Esempio n. 2
0
        public static bool Validate(UserData user, UserCookie cookie)
        {
            UserCookie realCookie = UserCookie.GetCookie(user, cookie.DeviceId);

            return(realCookie.Equals(cookie));
        }