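/// <summary>
/// Issues a fresh one-time code for the pending login held in the session and
/// e-mails it to the address stored in that session entry.
/// </summary>
/// <param name="returnUrl">Accepted for signature compatibility; not used by this action.</param>
/// <returns>
/// A redirect to the OTP confirmation page after the mail is sent, or to the login
/// page when the session holds no "OTP" entry.
/// </returns>
public IActionResult ResendOTP(string returnUrl = null)
{
    var otp = HttpContext.Session.Get<OTPSession>("OTP");
    if (otp == null)
    {
        // No pending login in this session: start over at the login page.
        return LocalRedirect("/Identity/Account/Login");
    }

    // The code is an authentication secret, so it is drawn from the OS
    // cryptographic generator instead of System.Random, whose output is
    // predictable. Rejection sampling keeps the five-digit result uniform
    // over 10000..99999.
    int randomOtp;
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        const uint range = 90000;
        uint limit = uint.MaxValue - (uint.MaxValue % range);
        var buffer = new byte[4];
        uint sample;
        do
        {
            rng.GetBytes(buffer);
            sample = BitConverter.ToUInt32(buffer, 0);
        }
        while (sample >= limit);

        randomOtp = 10000 + (int)(sample % range);
    }

    // NOTE(review): the session entry carries the user's plaintext password
    // (otp.Password). Confirm this is required; a user id or a short-lived
    // server-side token would avoid persisting the password in session storage.
    // NOTE(review): nothing visible here limits how often a code can be
    // re-issued; confirm that resend throttling and an attempt limit are
    // enforced elsewhere, since a five-digit code has only 90,000 values.
    OTPSession otpSession = new OTPSession(randomOtp, DateTime.Now.AddMinutes(5), otp.Email, otp.Password, otp.RememberMe);
    HttpContext.Session.Set("OTP", otpSession);

    using (SmtpClient client = new SmtpClient())
    {
        var message = new MimeMessage();
        message.From.Add(new MailboxAddress("GameProvider", "*****@*****.**"));
        message.To.Add(new MailboxAddress("Không trả lời", otp.Email));
        message.Subject = "Xác thực OTP";
        message.Body = new TextPart(MimeKit.Text.TextFormat.Text)
        {
            Text = "Mã OTP: " + randomOtp
        };

        client.Connect("smtp.gmail.com", 465, true);
        // NOTE(review): the SMTP account password is hard-coded in source.
        // Treat it as exposed: rotate it and load it from configuration or a
        // secret store instead of a string literal.
        client.Authenticate("*****@*****.**", "Thanhpro1999@");
        client.Send(message);
        client.Disconnect(true);

        return LocalRedirect("/Identity/Account/OTPConfirm");
    }
}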
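/// <summary>
/// Handles the login form post: verifies the password, then either redirects
/// privileged roles to the admin area or issues an e-mailed one-time code and
/// redirects to the OTP confirmation page.
/// </summary>
/// <param name="returnUrl">URL to return to after login; defaults to the application root.</param>
/// <returns>
/// A redirect (admin area, OTP confirmation, two-factor page or lockout page),
/// or the login page re-rendered with a model error.
/// </returns>
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    if (ModelState.IsValid)
    {
        var user = await _db.ApplicationUsers.Where(u => u.Email == Input.Email).FirstOrDefaultAsync();
        if (user == null)
        {
            // CheckPasswordSignInAsync throws ArgumentNullException for a null
            // user, so an unknown e-mail would surface as a server error and
            // reveal which addresses are registered. Answer it with the same
            // message as a wrong password.
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return Page();
        }

        // lockoutOnFailure: true means failed password checks count towards account lockout.
        var result = await _signInManager.CheckPasswordSignInAsync(user, Input.Password, lockoutOnFailure: true);
        if (result.Succeeded)
        {
            // NOTE(review): these roles are redirected without the e-mail OTP
            // step, and CheckPasswordSignInAsync only verifies the password; it
            // does not appear to issue a sign-in cookie. Confirm how the Admin
            // area authenticates this request and whether the most privileged
            // accounts should be the ones that skip the second step.
            if (await _userManager.IsInRoleAsync(user, Helper.ADMIN_ROLE) ||
                await _userManager.IsInRoleAsync(user, Helper.CUSTOMERCARE_ROLE) ||
                await _userManager.IsInRoleAsync(user, Helper.MANAGER_ROLE) ||
                await _userManager.IsInRoleAsync(user, Helper.MRHAI_ROLE))
            {
                return RedirectToAction("Index", "AdminHome", new { area = "Admin" });
            }

            var otpFromSession = HttpContext.Session.Get<OTPSession>("OTP");

            // NOTE(review): the OTPSession object itself is passed to
            // DateTime.CompareTo. Unless OTPSession converts implicitly to
            // DateTime, the object overload is used: a null entry compares as
            // earlier (so a code is issued), while a non-null entry that is not
            // a DateTime makes CompareTo throw ArgumentException. The check
            // presumably should compare against the stored expiry time;
            // OTPSession's members are not visible here, so it is left as is.
            // A result of exactly 0 falls through to the checks below.
            if (DateTime.Now.CompareTo(otpFromSession) > 0)
            {
                // The code is an authentication secret, so it is drawn from the
                // OS cryptographic generator instead of System.Random, whose
                // output is predictable. Rejection sampling keeps the
                // five-digit result uniform over 10000..99999.
                int randomOtp;
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    const uint range = 90000;
                    uint limit = uint.MaxValue - (uint.MaxValue % range);
                    var buffer = new byte[4];
                    uint sample;
                    do
                    {
                        rng.GetBytes(buffer);
                        sample = BitConverter.ToUInt32(buffer, 0);
                    }
                    while (sample >= limit);

                    randomOtp = 10000 + (int)(sample % range);
                }

                // NOTE(review): the plaintext password (Input.Password) is
                // written into the session entry. Confirm this is required; a
                // user id or short-lived server-side token would avoid
                // persisting the password in session storage.
                OTPSession otpSession = new OTPSession(randomOtp, DateTime.Now.AddMinutes(5), Input.Email, Input.Password);
                HttpContext.Session.Set("OTP", otpSession);

                using (SmtpClient client = new SmtpClient())
                {
                    var message = new MimeMessage();
                    message.From.Add(new MailboxAddress("GameProvider", "*****@*****.**"));
                    message.To.Add(new MailboxAddress("Không trả lời", user.Email));
                    message.Subject = "Xác thực OTP";
                    message.Body = new TextPart(MimeKit.Text.TextFormat.Text)
                    {
                        Text = "Chúng tôi nhận thấy bạn vừa thực hiện đăng nhập, vui lòng sử dụng mã OTP được cung cấp để xác thực!" + Environment.NewLine + "Mã OTP: " + randomOtp + Environment.NewLine + "Thời gian hiệu lực OTP: 5 phút."
                    };

                    client.Connect("smtp.gmail.com", 465, true);
                    // NOTE(review): the SMTP account password is hard-coded in
                    // source. Treat it as exposed: rotate it and load it from
                    // configuration or a secret store instead of a literal.
                    client.Authenticate("*****@*****.**", "Thanhpro1999@");
                    client.Send(message);
                    client.Disconnect(true);

                    return RedirectToPage("OTPConfirm");
                }
            }
            else if (DateTime.Now.CompareTo(otpFromSession) < 0)
            {
                // A code is still pending; send the user to enter it.
                ModelState.AddModelError("OTPRequire", "Mã OTP đã được gửi");
                return RedirectToPage("OTPConfirm");
            }
        }

        if (result.RequiresTwoFactor)
        {
            return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
        }

        if (result.IsLockedOut)
        {
            _logger.LogWarning("User account locked out.");
            return RedirectToPage("./Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return Page();
        }
    }

    // If we got this far, something failed, redisplay form
    return Page();
}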