// Validates a phone number and TOTP code, then returns the cookie for this device.
public UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
{
    string normalizedPhone = PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);
    User existingUser = UserDbQuery.Instance.GetUserFromPhone(normalizedPhone);
    if (existingUser == null)
    {
        // This message differs from the OTP failure below, so a caller can tell
        // whether a phone number is registered.
        throw new Exception("User not registered");
    }

    // 30 and 6 are presumably the time step in seconds and the code length.
    Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.UserData.Secret, 30, 6);
    if (!oneTimePasswordValidator.Verify(oneTimePassword))
    {
        throw new Exception("Invalid one-time password");
    }

    // Reuse the cookie already stored for this device, or create one if none exists.
    UserCookie cookie = UserCookie.GetCookie(existingUser.UserData, deviceId);
    if (cookie == null)
    {
        cookie = UserCookie.CreateCookie(existingUser.UserData, deviceId);
    }
    else
    {
        cookie.Update();
    }
    return cookie;
}
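
// Checks a presented cookie against the one stored for that user and device.
public static bool Validate(UserData user, UserCookie cookie)
{
    if (cookie == null) return false;
    UserCookie realCookie = UserCookie.GetCookie(user, cookie.DeviceId);
    // GetCookie can return null (no cookie for this device); treat that as invalid.
    return realCookie != null && realCookie.Equals(cookie);
}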