// 准备手机短信验证登录的第二阶段:匹配验证码 public bool MatchTempPassword( TempCodeCollection table, string strPhoneNumber, string strClientIP, string strPassword, out string strError) { strError = ""; string strKey = this.UserID + "|" + strPhoneNumber + "|" + strClientIP; TempCode code = table.FindTempCode(strKey); if (code == null) { strError = "当前用户的验证码尚未初始化"; return false; } if (DateTime.Now > code.ExpireTime) { strError = "验证码已经过期失效"; return false; } if (strPassword != code.Code) { strError = "验证码匹配失败"; return false; } return true; }
static TimeSpan _expireLength = TimeSpan.FromMinutes(10); // 10 分钟 // 准备手机短信验证登录的第一阶段:产生验证码 // return: // -1 出错 // 0 沿用以前的验证码 // 1 用新的验证码 public int PrepareTempPassword( TempCodeCollection table, string strClientIP, string strPhoneNumber, out TempCode code, out string strError) { strError = ""; code = null; if (string.IsNullOrEmpty(strPhoneNumber)) { strError = "strPhoneNumber 参数值不应为空"; return -1; } strPhoneNumber = strPhoneNumber.Trim(); if (string.IsNullOrEmpty(strPhoneNumber)) { strError = "strPhoneNumber 参数值不应为空(1)"; return -1; } string strList = GetPhoneNumberBindingString(); if (string.IsNullOrEmpty(strList)) { strError = "当前账号未曾做过手机短信方式(sms:)绑定"; return -1; // 没有做过 sms: 绑定 } List<string> list = StringUtil.SplitList(strList, '|'); if (list.IndexOf(strPhoneNumber) == -1) { strError = "所提供的电话号码 '" + strPhoneNumber + "' 不在手机绑定号码列表中"; return -1; // 电话号码没有在列表中 } // 检索看看是否有已经存在的密码 bool bExist = false; DateTime now = DateTime.Now; string strKey = this.UserID + "|" + strPhoneNumber + "|" + strClientIP; code = table.FindTempCode(strKey); if (code != null) { if (code.ExpireTime < now) code = null; // 迫使重新取号 else { // 失效期还没有到。主动延长一次失效期 code.ExpireTime = DateTime.Now + _expireLength; bExist = true; } } if (code == null) { // 重新设定一个密码 Random rnd = new Random(); code = new TempCode(); code.Key = strKey; code.Code = rnd.Next(1, 999999).ToString(); code.ExpireTime = DateTime.Now + _expireLength; } table.SetTempCode(code.Key, code); // strTempCode = code.Code; if (bExist) return 0; return 1; }