public JsonResult VerifyOtp(string msgId, string recieveotp)
{
OtpModel otp = _otpContext.GetOtp(msgId);
if (otp != null)
{
double diff2 = (DateTime.UtcNow - otp.CreatedAt).TotalMinutes;
if (diff2 < 10)
{
if (otp.Otp == recieveotp)
{
UserViewModel user = _userContext.GetUserByMsgId(msgId);
string token = GenerateJSONWebToken(user);
return(Json(new { status = true, accessToken = token, message = "verified" }));
}
return(Json(new { status = false, message = "Please Enter Valid Otp !!" }));
}
else
{
return(Json(new { status = false, message = "Otp Expired" }));
}
}
else
{
return(new JsonResult(new { status = false, message = "Invalid Request" }));
}
}
public ActionResult Authenticator(OtpModel model)
{
ViewBag.IsOtpBySmsEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
ViewBag.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
ViewBag.IsOtpByAppEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
if (!ModelState.IsValid)
{
return(View(model));
}
var userId = (long)Session["UserId"];
var loginSettings = _loginSettingRepository.Get(userId);
var isValid = TimeBasedOneTimePassword.IsValid(loginSettings.GoogleAuthenticatorSecretKey, model.Otp, 50);
if (!isValid)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
return(View(model));
}
if (model.MarkAsSafe)
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName, ComputerIp = requestingIp, DateCreated = DateTime.Now, DateModified = DateTime.Now, IsActive = true, UserLoginId = userId
};
_safeComputerHistoryService.Save(safeComputer);
}
return(GoToDashboard(userId));
}
public ActionResult Otp()
{
var model = new OtpModel();
ViewBag.ExpirationMinutes = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpExpirationMinutes);
ViewBag.AttemptCount = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpMisMatchAttemptCount);
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
if (_sessionContext.UserSession == null && Session["UserId"] != null)
{
model.UserId = (long)Session["UserId"];
return(View(model));
}
if (_sessionContext.UserSession == null && Session["UserId"] == null)
{
return(RedirectToAction("Index"));
}
_loginOtpService.ResetOtp(_sessionContext.UserSession.UserId);
_loginOtpService.GenerateOtp(_sessionContext.UserSession.UserId, Request.Url.ToString());
Session["UserId"] = model.UserId = _sessionContext.UserSession.UserId;
_sessionContext.UserSession = null;
return(View(model));
}
private void SetBearerToken(OtpModel model)
{
string fileName = authTokenFilename;
var filepath = Path.Combine(Directory.GetCurrentDirectory(), fileName);
var token = JsonConvert.SerializeObject(model);
File.WriteAllText(filepath, token);
}
public ActionResult Otp(OtpModel model)
{
ViewBag.ExpirationMinutes = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpExpirationMinutes);
ViewBag.AttemptCount = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpMisMatchAttemptCount);
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
var userId = (long)Session["UserId"];
model.UserId = userId;
if (!ModelState.IsValid)
{
return(View(model));
}
bool isOtpExpired;
bool isAttemptExpired;
var isOtpVerified = _loginOtpService.VerifyOtp(model.Otp, userId, out isOtpExpired, out isAttemptExpired);
if (isAttemptExpired)
{
_loginRepository.AssignUserLoginLock(userId);
model.IsOtpVerified = false;
model.IsAccountLocked = true;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("Your account has been locked, due to too many attempts. Please contact " +
_settings.SupportEmail + " OR call us at " + _settings.PhoneTollFree);
return(View(model));
}
if (isOtpExpired)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP is expired. Please use resend link to generate a new OTP.");
return(View(model));
}
if (!isOtpVerified)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
return(View(model));
}
if (model.MarkAsSafe)
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName, ComputerIp = requestingIp, DateCreated = DateTime.Now, DateModified = DateTime.Now, IsActive = true, UserLoginId = userId
};
_safeComputerHistoryService.Save(safeComputer);
}
return(GoToDashboard(userId));
}
//public async Task<ApiResult<string>> TestOtp(CancellationToken cancellationToken)
public async Task <OtpModel> RequestOtp(string phone, int center, CancellationToken cancellationToken)
{
OtpModel model = _otpService.GetCode(phone);
//if (center == 1)
//{
// var res = await _mashhadSmsService.SendBasicOtp(phone, model.Code);
//}
//else
//{
// var res = await _kavenegar.SendOtp(phone, model.Code);
//}
return(model);
}
public bool VerifyOtp(OtpModel model, bool isOtp)
{
_context = new karrykartEntities();
var otp = _context.OTPHolders.Where(x => x.OTPAssignedTo == model.UserIdentifier && x.OTPValue == model.Userotp).FirstOrDefault();
if (otp != null)
{
CommonHelper.RemoveOTP(model.UserIdentifier);
return(true);
}
return(false);
}
public ActionResult Verifyotp(OtpModel model)
{
try
{
_userHelper = new UserHelper();
if (_userHelper.VerifyOtp(model))
{
return(Json(new { messagetype = "success", message = "Your account is verified and active. Please login using your credentials." }, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { messagetype = "error", message = "Your account is active now. Unable to deliver email to your mailbox. Please contact administrator (call helpline) for verification purpose" }, JsonRequestBehavior.AllowGet));
}
}
catch (Exception ex)
{
}
return(View());
}
public bool VerifyOtp(OtpModel model)
{
_context = new karrykartEntities();
var otp = _context.OTPHolders.Where(x => x.OTPAssignedTo == model.UserIdentifier && x.OTPValue == model.Userotp).FirstOrDefault();
if (otp != null)
{
var user = _context.Users.Where(u => u.EmailAddress == model.UserIdentifier || u.Mobile == model.UserIdentifier).FirstOrDefault();
user.LastUpdated = DateTime.Now;
user.Active = true;
_context.Entry(user).State = System.Data.Entity.EntityState.Modified;
_context.SaveChanges();
CommonHelper.RemoveOTP(model.UserIdentifier);
return(SendOtpVerificationToUser(user));
}
return(false);
}
public ActionResult VerifyUser(OtpModel model)
{
try
{
_userHelper = new UserHelper();
if (_userHelper.VerifyOtp(model, true))
{
_userHelper = null;
return(Json(new { messagetype = ApplicationMessages.ForgotPassword.SUCCESS, message = "Please type your new password." }, JsonRequestBehavior.AllowGet));
}
else
{
_userHelper = null;
return(Json(new { messagetype = ApplicationMessages.ForgotPassword.ERROR, message = "The otp does not matches. Please contact administrator (call helpline)." }, JsonRequestBehavior.AllowGet));
}
}
catch (Exception ex)
{
}
return(View());
}
public IActionResult RequestSigningRightsOtp(Guid applicationId)
{
try
{
var claims = _repo.Jwt.GetUserClaims(Request.Headers[HeaderNames.Authorization].ToString());
// get the client
var user = _repo.User
.FindByCondition(c => c.Id == claims.UserId)
.First();
// create otp
var otp = new OtpModel()
{
UserId = user.Id,
ClientEmail = user.Email,
OtpType = OtpTypesEnum.SignDocument,
Otp = _repo.BulkSms.CreateOtp(),
RelatedDataId = applicationId,
};
_repo.Otp.Create(otp);
_repo.Save();
// send otp
var otpSent = _repo.BulkSms.SendOtop(user.MobileNumber, $"Give Aluma Capital the " +
$"rights to digitally sign application documents with OTP: {otp.Otp}");
if (!otpSent)
{
return(StatusCode(500, "Couldn't send OTP, Please retry or contact support"));
}
return(StatusCode(201));
}
catch (Exception e)
{
return(StatusCode(500, e.Message));
}
}
public ActionResult Authenticator()
{
if (_sessionContext.UserSession == null)
{
return(RedirectToAction("Index"));
}
ViewBag.IsOtpBySmsEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
ViewBag.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
ViewBag.IsOtpByAppEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";
var model = new OtpModel();
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
if (_sessionContext.UserSession == null && Session["UserId"] != null)
{
model.UserId = (long)Session["UserId"];
return(View(model));
}
Session["UserId"] = _sessionContext.UserSession.UserId;
_sessionContext.UserSession = null;
return(View(model));
}
internal bool VerifyOtp(OtpModel objReq)
{
using (var db=new WizzDataContext())
{
var userData = db.tblUsers.Where(c => c.pkUserId == Convert.ToInt64(objReq.userId)).FirstOrDefault();
if (objReq.OTPCode == userData.otpCode)
{
userData.isOtpVerified = true;
db.SubmitChanges();
return true;
}
else {
return false;
}
}
}
public Response<string> SendOtp(OtpModel objReq)
{
Response<string> response = new Response<string>();
List<string> objResp = new List<string>();
try
{
objDbMethodV2 = new wizz.Dal.DbMethodsV2();
if (CheckRequestIsvalidornot(this.Request))
{
if (ModelState.IsValid)
{
string res = objDbMethodV2.SendOtp(objReq);
if (res == "4")
{
res = "Phone number already exists for a different user";
}
objResp.Add(res);
response.Create(false, Messages.FormatMessage(Messages.Success, "Otp"), Messages.AppVersion, objResp);
}
else
response.Create(false, ModelState.Values.FirstOrDefault().Errors.FirstOrDefault().ErrorMessage, Messages.AppVersion, objResp);
}
else
response.Create(false, Messages.FormatMessage(Messages.InvalidReq), Messages.AppVersion, objResp);
}
catch (Exception ex)
{
object session = new JavaScriptSerializer().Serialize(objReq);
LogManager.Error("Error occured while Processing Webservice request :{0}", ex, session, ex.Message);
response.Create(false, Messages.FormatMessage(Messages.ErrorOccure), Messages.AppVersion, objResp);
}
return response;
}
public Response<string> VerifyOtp(OtpModel objReq)
{
Response<string> response = new Response<string>();
List<string> objResp = new List<string>();
try
{
objDbMethodV2 = new wizz.Dal.DbMethodsV2();
if (CheckRequestIsvalidornot(this.Request))
{
if (ModelState.IsValid)
{
//
if (objDbMethodV2.VerifyOtp(objReq))
response.Create(true, Messages.FormatMessage(Messages.Success, "user verified"), Messages.AppVersion, objResp);
else
response.Create(false, Messages.InvalidOtp, Messages.AppVersion, objResp);
}
else
response.Create(false, ModelState.Values.FirstOrDefault().Errors.FirstOrDefault().ErrorMessage, Messages.AppVersion, objResp);
}
else
response.Create(false, Messages.FormatMessage(Messages.InvalidReq), Messages.AppVersion, objResp);
}
catch (Exception ex)
{
object session = new JavaScriptSerializer().Serialize(objReq);
LogManager.Error("Error occured while Processing Webservice request :{0}", ex, session, ex.Message);
response.Create(false, Messages.FormatMessage(Messages.ErrorOccure), Messages.AppVersion, objResp);
}
return response;
}
internal string SendOtp(OtpModel objReq)
{
Random generator = new Random();
String r = generator.Next(10000, 1000000).ToString();
r = r.Substring(0, 5);
using (var db = new WizzDataContext())
{
if (db.tblUsers.Any(x => x.phoneNum.ToLower().Trim() == objReq.phoneNum.ToLower().Trim() && x.isOtpVerified == true && x.pkUserId != Convert.ToInt64(objReq.userId)))
{
return "4";
}
var userObj = db.tblUsers.Where(x => x.pkUserId == Convert.ToInt64(objReq.userId)).FirstOrDefault();
userObj.phoneNum = objReq.phoneNum;
userObj.isOtpVerified = false;
userObj.otpCode = r;
twiliorest objTwillio = new twiliorest();
string msg = "Welcome to Wizz Tutors your Otp validation code is " + r;
db.SubmitChanges();
if (objTwillio.SendTeilioMessage(objReq.phoneNum, msg))
{
}
else
{
}
return r;
}
}
public Task <IActionResult> PostOneTimePassword([FromBody] OtpModel otp)
{
throw new NotImplementedException();
}
internal string SendOtp(OtpModel objReq)
{
Random generator = new Random();
String r = generator.Next(10000, 1000000).ToString();
using (var db= new WizzDataContext())
{
var userObj = db.tblUsers.Where(x => x.pkUserId == Convert.ToInt64(objReq.userId)).FirstOrDefault();
userObj.phoneNum = objReq.phoneNum;
userObj.isOtpVerified = false;
twiliorest objTwillio = new twiliorest();
string msg = "Welcome to Wizz tutors your Otp validation code is " + r;
if (objTwillio.SendTeilioMessage(objReq.phoneNum, msg))
{
db.SubmitChanges();
}
else {
}
return r;
}
}
