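/// <summary>
        /// Second login step: re-checks the user's credentials, validates the submitted
        /// one-time password and, when the OTP is accepted, issues a signed JWT.
        /// </summary>
        /// <param name="userParam">Login request carrying pUserName, pPassword and pOtp.</param>
        /// <param name="Con">Database connection string passed through to the data layer.</param>
        /// <returns>
        /// <c>null</c> when the user is unknown or the password does not match; otherwise the
        /// user record with pStatus/pMessage set from the OTP result and, on success, pToken set.
        /// The stored password value is never included in the returned object.
        /// </returns>
        public UserAccessDTO VerifyOTP(UserAccessDTO userParam, string Con)
        {
            var user = objUserAccess.CheckUser(userParam.pUserName, userParam.pPassword, Con);

            // Credentials are checked BEFORE anything else touches the user record or the OTP.
            // The previous order dereferenced `user` ahead of the null check (NullReferenceException
            // for unknown users) and ran OTP validation, which marks the OTP as used, even when the
            // password was wrong. A record with no stored hash cannot authenticate.
            if (user == null || string.IsNullOrEmpty(user.pPassword) || !_passwordHasher.PasswordMatches(userParam.pPassword, user.pPassword))
            {
                return(null);
            }

            ValidateDTO objValidateOTP = new ValidateDTO();
            objValidateOTP.pUserId = user.pUserID;
            objValidateOTP.pMobile = user.pMobile;
            objValidateOTP.pOtp    = userParam.pOtp;
            var verifyOTP = objUserAccess.ValidateOTP(objValidateOTP, Con);

            user.pStatus  = Convert.ToString(verifyOTP.status);
            user.pMessage = verifyOTP.message;

            // The stored password value must not leave this method on ANY path; previously it was
            // cleared only on success, so a failed OTP returned it to the caller.
            user.pPassword = null;

            if (verifyOTP.status)
            {
                // Both factors verified: issue the JWT.
                var tokenHandler = new JwtSecurityTokenHandler();

                // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so a
                // secret containing such characters yields a weaker key. Confirm the configured
                // secret is long, random and ASCII-only; the token validation side must use the
                // same encoding, so it is left unchanged here.
                var key = Encoding.ASCII.GetBytes(_appSettings.Secret);

                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    // NOTE(review): the only claim is the role id (stored under ClaimTypes.Name);
                    // the token carries no user identifier — confirm this is what consumers expect.
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim(ClaimTypes.Name, user.pRoleid.ToString())
                    }),
                    Expires            = DateTime.UtcNow.AddMinutes(180),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
                };

                var token = tokenHandler.CreateToken(tokenDescriptor);
                user.pToken = tokenHandler.WriteToken(token);
            }

            return(user);
        }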
Пример #2
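        /// <summary>
        /// Validates a one-time password for a user/mobile pair against <c>tabwebotp</c> and, when it
        /// is accepted, marks the user's OTP rows inactive so the code cannot be reused.
        /// </summary>
        /// <param name="objValidateOTP">Carries pUserId, pMobile and the submitted pOtp.</param>
        /// <param name="connectionString">PostgreSQL connection string.</param>
        /// <returns>
        /// A response whose <c>status</c> is true only for a matching, unexpired, still-active OTP.
        /// <c>message</c> is one of "success", "Invalid OTP", "OTP has Expired", "Try Again" or
        /// "Server Issue".
        /// </returns>
        /// <remarks>
        /// The submitted OTP is attacker-controlled, so every value is bound as a parameter; the
        /// previous implementation concatenated it into the SQL text (SQL injection).
        /// NOTE(review): nothing here limits the number of wrong guesses per user — confirm that
        /// attempt throttling or lockout is enforced elsewhere.
        /// </remarks>
        public ValidateResponse ValidateOTP(ValidateDTO objValidateOTP, string connectionString)
        {
            ValidateResponse objValidateResponse = new ValidateResponse();

            try
            {
                try
                {
                    using (NpgsqlConnection conn = new NpgsqlConnection(connectionString))
                    {
                        conn.Open();

                        // One transaction with a row lock (FOR UPDATE) makes check-and-consume atomic,
                        // so two concurrent requests cannot both redeem the same OTP.
                        using (NpgsqlTransaction tx = conn.BeginTransaction())
                        {
                            bool     found        = false;
                            DateTime otpdate      = new DateTime();
                            string   strOTPStatus = string.Empty;

                            // A single lookup replaces the former count + select + isactive queries.
                            // The isactive flag is now read from the row that matched this user and
                            // mobile; it used to be looked up by OTP value alone, which could return
                            // another user's row carrying the same code.
                            string strQuery = "select senddatetime, isactive from tabwebotp where Userid=@userid and mobile=@mobile and otp=@otp order by senddatetime desc limit 1 for update;";
                            using (NpgsqlCommand lookup = new NpgsqlCommand(strQuery, conn, tx))
                            {
                                lookup.Parameters.Add(CreateUntypedOtpParameter("userid", objValidateOTP.pUserId));
                                lookup.Parameters.Add(CreateUntypedOtpParameter("mobile", objValidateOTP.pMobile));
                                lookup.Parameters.Add(CreateUntypedOtpParameter("otp", objValidateOTP.pOtp));

                                using (NpgsqlDataReader dr = lookup.ExecuteReader())
                                {
                                    if (dr.Read())
                                    {
                                        found        = true;
                                        otpdate      = Convert.ToDateTime(dr["senddatetime"]);
                                        strOTPStatus = Convert.ToString(dr["isactive"]);
                                    }
                                }
                            }

                            if (!found)
                            {
                                objValidateResponse.status  = false;
                                objValidateResponse.message = "Invalid OTP";
                            }
                            else
                            {
                                // NOTE(review): assumes senddatetime is stored in the server's local
                                // time, matching DateTime.Now — confirm against the code that writes it.
                                TimeSpan diff = DateTime.Now - otpdate;

                                // TotalMinutes, not Minutes: Minutes is only the 0-59 component, so an
                                // OTP that was e.g. 1 h 05 min old used to pass the 15-minute check.
                                if (diff.TotalMinutes >= 15 || strOTPStatus == "N")
                                {
                                    objValidateResponse.status  = false;
                                    objValidateResponse.message = "OTP has Expired";
                                }
                                else
                                {
                                    // Invalidate every OTP row of this user, as before.
                                    using (NpgsqlCommand consume = new NpgsqlCommand("update tabwebotp set isactive='N' where Userid=@userid", conn, tx))
                                    {
                                        consume.Parameters.Add(CreateUntypedOtpParameter("userid", objValidateOTP.pUserId));
                                        consume.ExecuteNonQuery();
                                    }

                                    objValidateResponse.status  = true;
                                    objValidateResponse.message = "success";
                                }
                            }

                            tx.Commit();
                        }
                    }
                }
                catch (Exception ex)
                {
                    // Fail closed: any database or conversion error rejects the OTP.
                    objValidateResponse.status  = false;
                    objValidateResponse.message = "Try Again";
                    Console.WriteLine(ex.Message);
                }
            }
            catch (Exception)
            {
                // Reached only if the handler above itself throws (e.g. the console write fails).
                objValidateResponse.status  = false;
                objValidateResponse.message = "Server Issue";
            }

            return(objValidateResponse);
        }

        // Builds a bound parameter sent as untyped text, so PostgreSQL coerces it to the column's
        // type exactly as it did for the quoted literals in the old concatenated SQL, while the
        // value can no longer alter the statement.
        // NOTE(review): replace with concrete NpgsqlDbType values once the column types are confirmed.
        private static NpgsqlParameter CreateUntypedOtpParameter(string name, object value)
        {
            NpgsqlParameter parameter = new NpgsqlParameter(name, NpgsqlTypes.NpgsqlDbType.Unknown);
            parameter.Value = value == null ? (object)DBNull.Value : Convert.ToString(value);
            return parameter;
        }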