public async Task <IActionResult> Valid(int code)
{
var valid = _totp.Validate(CurremtUser.SecretKeyFor2FA
, code, 30);
if (!valid)
{
return(Json(new { result = 0, msg = "2FA校验失败" }));
}
//校验成功后 如果是第一次绑定校验 需将用户的accountSecretKey 存入数据库
CurremtUser.IsOpen2FA = true;
await _userService.UpdateAsync(CurremtUser);
_cacheManage.Remove(string.Format(CacheKeys.GetUserForEmail, CurremtUser.Email));
var claims = new List <Claim>
{
new Claim("user", CurremtUser.Email),
new Claim("role", "Member")
};
await HttpContext.SignInAsync(new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookies", "user", "role")));
return(Json(new { result = 1, msg = "2FA校验成功", url = "/Home/Index" }));
}
public ActionResult <IEnumerable <string> > Valid(int code)
{
var valid = _totp.Validate("secret", code);
return(new[] { valid.ToString() });
}
