private async Task SaveOrUpdateAsync(OtpDto input, bool isNew)
{
using (var uow = _uowManager.Begin(TransactionScopeOption.RequiresNew))
{
var item = new OtpAuditItem
{
Id = input.OperationId,
Otp = input.Pin,
ExpiresOn = input.ExpiresOn,
ActionType = input.ActionType,
SendType = input.SendType,
SendTo = input.SendTo,
RecipientId = input.RecipientId,
RecipientType = input.RecipientType,
SentOn = input.SentOn,
SendStatus = input.SendStatus,
ErrorMessage = input.ErrorMessage
};
if (isNew) // note we generate Id manually
{
await _otpAuditRepository.InsertAsync(item);
}
else
{
await _otpAuditRepository.UpdateAsync(item);
}
await uow.CompleteAsync();
}
}
/// inheritedDoc
public async Task SaveAsync(OtpDto input)
{
if (input.ExpiresOn.HasValue && input.ExpiresOn.Value <= DateTime.Now)
{
return;
}
await InternalCache.SetAsync(input.OperationId,
input,
slidingExpireTime : input.ExpiresOn.HasValue
?input.ExpiresOn.Value - DateTime.Now
: (TimeSpan?)null);
}
public async Task <IActionResult> GetOtp(OtpDto otpDto)
{
dynamic jsonObject = new JObject();
jsonObject.phone = otpDto.Phone;
AuthorityModel model = new AuthorityModel()
{
payload = jsonObject,
token = ""
};
return(Ok(await Auth(VerifyEnum.account, model)));
}
private async Task SendInternal(OtpDto otp)
{
switch (otp.SendType)
{
case OtpSendType.Sms:
{
var bodyTemplate = await _settingManager.GetSettingValueAsync(OtpSettingsNames.DefaultBodyTemplate);
if (string.IsNullOrWhiteSpace(bodyTemplate))
{
bodyTemplate = OtpSettingProvider.DefaultBodyTemplate;
}
// todo: use mustache
var messageBody = bodyTemplate.Replace("{{password}}", otp.Pin);
await _smsGateway.SendSmsAsync(otp.SendTo, messageBody);
break;
}
case OtpSendType.Email:
{
var bodyTemplate = await _settingManager.GetSettingValueAsync(OtpSettingsNames.DefaultBodyTemplate);
var subjectTemplate = await _settingManager.GetSettingValueAsync(OtpSettingsNames.DefaultSubjectTemplate);
var body = bodyTemplate.Replace("{{password}}", otp.Pin);
var subject = subjectTemplate.Replace("{{password}}", otp.Pin);
await _emailSender.SendAsync(otp.SendTo, subject, body, false);
break;
}
default:
throw new NotSupportedException($"unsupported {nameof(otp.SendType)}: {otp.SendType}");
}
}
/// <summary>
/// Save OTP to the DB
/// </summary>
public async Task SaveAsync(OtpDto input)
{
await SaveOrUpdateAsync(input, true);
}
public async Task <IActionResult> OtpForgotPassword(OtpDto otpForgotDto)
{
return(await GetOtp(otpForgotDto));
}
/// <summary>
/// Send one-time-pin
/// </summary>
public async Task <SendPinDto> SendPinAsync(SendPinInput input)
{
if (string.IsNullOrWhiteSpace(input.SendTo))
{
throw new Exception($"{input.SendTo} must be specified");
}
// generate new pin and save
var otp = new OtpDto()
{
OperationId = Guid.NewGuid(),
Pin = _otpGenerator.GeneratePin(),
SendTo = input.SendTo,
SendType = input.SendType,
RecipientId = input.RecipientId,
RecipientType = input.RecipientType,
ActionType = input.ActionType,
};
// send otp
if (_otpSettings.IgnoreOtpValidation)
{
otp.SendStatus = OtpSendStatus.Ignored;
}
else
{
try
{
otp.SentOn = DateTime.Now;
await SendInternal(otp);
otp.SendStatus = OtpSendStatus.Sent;
}
catch (Exception e)
{
otp.SendStatus = OtpSendStatus.Failed;
otp.ErrorMessage = e.FullMessage();
}
}
// set expiration and save
var lifeTime = input.Lifetime ?? _otpSettings.DefaultLifetime;
if (lifeTime == 0)
{
lifeTime = OtpSettingProvider.DefaultLifetime;
}
otp.ExpiresOn = DateTime.Now.AddSeconds(lifeTime);
await _otpStorage.SaveAsync(otp);
// return response
var response = new SendPinDto
{
OperationId = otp.OperationId,
SentTo = otp.SendTo
};
return(response);
}
