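/// <summary>
/// Completes a two-step login: checks the user's password, then validates the
/// one-time password, and on success issues a signed JWT on the returned user.
/// </summary>
/// <param name="userParam">Login request carrying pUserName, pPassword and pOtp.</param>
/// <param name="Con">Connection string passed through to the data-access calls.</param>
/// <returns>
/// <c>null</c> when the request is missing, the user is not found, or the password
/// does not match; otherwise the user record with pStatus/pMessage set from the OTP
/// check and, when the OTP is valid, pToken populated. pPassword is always cleared
/// on the returned object.
/// </returns>
public UserAccessDTO VerifyOTP(UserAccessDTO userParam, string Con)
{
    if (userParam == null)
    {
        return null;
    }

    var user = objUserAccess.CheckUser(userParam.pUserName, userParam.pPassword, Con);

    // Check the first factor BEFORE touching the OTP. The previous code dereferenced
    // `user` ahead of its null check (and the check itself read `user == null && user.p...`,
    // which can only throw), and it validated the OTP first, so a request with a wrong
    // password could still consume a valid code.
    if (user == null
        || string.IsNullOrEmpty(user.pPassword)
        || !_passwordHasher.PasswordMatches(userParam.pPassword, user.pPassword))
    {
        return null;
    }

    ValidateDTO objValidateOTP = new ValidateDTO();
    objValidateOTP.pUserId = user.pUserID;
    objValidateOTP.pMobile = user.pMobile;
    objValidateOTP.pOtp = userParam.pOtp;

    var verifyOTP = objUserAccess.ValidateOTP(objValidateOTP, Con);

    user.pStatus = Convert.ToString(verifyOTP.status);
    user.pMessage = verifyOTP.message;

    // Never hand the stored password value back to the caller, on either outcome.
    // Previously it was cleared only on the success path.
    user.pPassword = null;

    if (verifyOTP.status)
    {
        // Both factors passed: issue a JWT valid for 180 minutes.
        var tokenHandler = new JwtSecurityTokenHandler();

        // NOTE(review): ASCII encoding maps any non-ASCII character of the secret to '?',
        // which weakens the key. Left unchanged because the token validation side must
        // derive the same bytes; confirm the secret is ASCII-only and long enough for HMAC-SHA256.
        var key = Encoding.ASCII.GetBytes(_appSettings.Secret);

        // NOTE(review): the only claim is the role id stored under ClaimTypes.Name, so the
        // token does not identify the individual user - confirm this is intended.
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new Claim[]
            {
                new Claim(ClaimTypes.Name, user.pRoleid.ToString())
            }),
            Expires = DateTime.UtcNow.AddMinutes(180),
            SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
        };

        var token = tokenHandler.CreateToken(tokenDescriptor);
        user.pToken = tokenHandler.WriteToken(token);
    }

    return user;
}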
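/// <summary>
/// Validates a one-time password for a user/mobile pair against the tabwebotp table
/// and, when it is valid, marks the user's OTP rows inactive so the code cannot be reused.
/// </summary>
/// <param name="objValidateOTP">Carries pUserId, pMobile and pOtp to check.</param>
/// <param name="connectionString">PostgreSQL connection string.</param>
/// <returns>
/// A response whose status is true with message "success" when the OTP matches, is
/// younger than 15 minutes and is still active; otherwise status is false with
/// "Invalid OTP", "OTP has Expired", or "Try Again" (on any exception).
/// </returns>
public ValidateResponse ValidateOTP(ValidateDTO objValidateOTP, string connectionString)
{
    const int OtpLifetimeMinutes = 15;

    ValidateResponse objValidateResponse = new ValidateResponse();

    try
    {
        using (NpgsqlConnection connection = new NpgsqlConnection(connectionString))
        {
            connection.Open();

            bool otpFound = false;
            DateTime otpdate = new DateTime();
            string strOTPStatus = string.Empty;

            // All request values are bound as parameters. The previous version concatenated
            // pUserId / pMobile / pOtp into the SQL text, which allowed SQL injection through
            // the OTP field of the login request.
            // NOTE(review): parameters are sent with the DTO's native types; confirm they match
            // the column types of tabwebotp (the old quoted literals were coerced by the server).
            const string lookupSql =
                "select senddatetime, isactive from tabwebotp " +
                "where Userid=@userId and mobile=@mobile and otp=@otp " +
                "order by senddatetime desc nulls last limit 1;";

            using (NpgsqlCommand lookup = new NpgsqlCommand(lookupSql, connection))
            {
                lookup.Parameters.AddWithValue("userId", (object)objValidateOTP.pUserId ?? DBNull.Value);
                lookup.Parameters.AddWithValue("mobile", (object)objValidateOTP.pMobile ?? DBNull.Value);
                lookup.Parameters.AddWithValue("otp", (object)objValidateOTP.pOtp ?? DBNull.Value);

                using (NpgsqlDataReader dr = lookup.ExecuteReader())
                {
                    if (dr.Read())
                    {
                        otpFound = true;
                        otpdate = Convert.ToDateTime(dr["senddatetime"]);
                        // isactive is read from the SAME row that matched user, mobile and otp.
                        // Previously it was looked up by otp alone, so another user's row with
                        // the same code could decide the outcome.
                        strOTPStatus = Convert.ToString(dr["isactive"]);
                    }
                }
            }

            if (!otpFound)
            {
                objValidateResponse.status = false;
                objValidateResponse.message = "Invalid OTP";
                return objValidateResponse;
            }

            // TotalMinutes, not Minutes: Minutes is only the 0-59 component of the span, so a
            // code that was e.g. 61 minutes old used to be accepted as "1 minute" old.
            // NOTE(review): compares against local time as before; confirm senddatetime is
            // stored in the server's local time rather than UTC.
            TimeSpan diff = DateTime.Now - otpdate;

            if (diff.TotalMinutes >= OtpLifetimeMinutes || strOTPStatus == "N")
            {
                objValidateResponse.status = false;
                objValidateResponse.message = "OTP has Expired";
                return objValidateResponse;
            }

            // Consume the code: deactivate every OTP row of this user (same scope as before).
            // NOTE(review): the read above and this update are not atomic, so two concurrent
            // requests with the same code can both succeed; consider a conditional update
            // inside a transaction if single use must be strict.
            using (NpgsqlCommand consume = new NpgsqlCommand("update tabwebotp set isactive='N' where Userid=@userId", connection))
            {
                consume.Parameters.AddWithValue("userId", (object)objValidateOTP.pUserId ?? DBNull.Value);
                consume.ExecuteNonQuery();
            }

            objValidateResponse.status = true;
            objValidateResponse.message = "success";
        }
    }
    catch (Exception ex)
    {
        // Fail closed: any data-access or conversion error is reported as a failed validation.
        // The former outer "Server Issue" handler could only run if this handler itself threw,
        // so the two nested try blocks are collapsed into one.
        objValidateResponse.status = false;
        objValidateResponse.message = "Try Again";
        Console.WriteLine(ex.Message);
    }

    return objValidateResponse;
}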