// 准备手机短信验证登录的第二阶段:匹配验证码
public bool MatchTempPassword(
TempCodeCollection table,
string strPhoneNumber,
string strClientIP,
string strPassword,
out string strError)
{
strError = "";
string strKey = this.UserID + "|" + strPhoneNumber + "|" + strClientIP;
TempCode code = table.FindTempCode(strKey);
if (code == null)
{
strError = "当前用户的验证码尚未初始化";
return false;
}
if (DateTime.Now > code.ExpireTime)
{
strError = "验证码已经过期失效";
return false;
}
if (strPassword != code.Code)
{
strError = "验证码匹配失败";
return false;
}
return true;
}
static TimeSpan _expireLength = TimeSpan.FromMinutes(10); // 10 分钟
// 准备手机短信验证登录的第一阶段:产生验证码
// return:
// -1 出错
// 0 沿用以前的验证码
// 1 用新的验证码
public int PrepareTempPassword(
TempCodeCollection table,
string strClientIP,
string strPhoneNumber,
out TempCode code,
out string strError)
{
strError = "";
code = null;
if (string.IsNullOrEmpty(strPhoneNumber))
{
strError = "strPhoneNumber 参数值不应为空";
return -1;
}
strPhoneNumber = strPhoneNumber.Trim();
if (string.IsNullOrEmpty(strPhoneNumber))
{
strError = "strPhoneNumber 参数值不应为空(1)";
return -1;
}
string strList = GetPhoneNumberBindingString();
if (string.IsNullOrEmpty(strList))
{
strError = "当前账号未曾做过手机短信方式(sms:)绑定";
return -1; // 没有做过 sms: 绑定
}
List<string> list = StringUtil.SplitList(strList, '|');
if (list.IndexOf(strPhoneNumber) == -1)
{
strError = "所提供的电话号码 '" + strPhoneNumber + "' 不在手机绑定号码列表中";
return -1; // 电话号码没有在列表中
}
// 检索看看是否有已经存在的密码
bool bExist = false;
DateTime now = DateTime.Now;
string strKey = this.UserID + "|" + strPhoneNumber + "|" + strClientIP;
code = table.FindTempCode(strKey);
if (code != null)
{
if (code.ExpireTime < now)
code = null; // 迫使重新取号
else
{
// 失效期还没有到。主动延长一次失效期
code.ExpireTime = DateTime.Now + _expireLength;
bExist = true;
}
}
if (code == null)
{
// 重新设定一个密码
Random rnd = new Random();
code = new TempCode();
code.Key = strKey;
code.Code = rnd.Next(1, 999999).ToString();
code.ExpireTime = DateTime.Now + _expireLength;
}
table.SetTempCode(code.Key, code);
// strTempCode = code.Code;
if (bExist)
return 0;
return 1;
}
