public static bool VerifyBackupCode(cmUser user, string code, out List <string> newCodes) { newCodes = null; bool existed = false; using (DbManager dbManager = new DbManager()) { SecondFactorBackupCodeAccessor accessor = DataAccessor.CreateInstance <SecondFactorBackupCodeAccessor>(dbManager); existed = accessor.IsCodeExist(user.ID, code); if (existed) { int count = accessor.RemoveCode(user.ID, code); if (count == 0) { newCodes = GenerateBackupCodes(user.ID, dbManager); } } } if (existed && !user.IsSecondFactorVerified) { SetSecondFactorVerified(user.ID, true); } return(existed); }
private static List <string> GenerateBackupCodes(long userID, DbManager dbManager) { List <string> codes = new List <string>(); SecondFactorBackupCodeAccessor accessor = DataAccessor.CreateInstance <SecondFactorBackupCodeAccessor>(dbManager); accessor.RemoveCodes(userID); string code; for (int i = 0; i < 10; i++) { code = StringHelper.GetRandomString(16); codes.Add(code); accessor.InsertCode(userID, code); } return(codes); }