/// <summary> /// 用户ajax登录验证 /// </summary> /// <param name="user"></param> /// <param name="pwd"></param> /// <param name="vcode">vcode:验证码</param> /// <param name="zncode">zncode:动态口令</param> /// <param name="txtadmincode">txtadmincode:管理码</param> /// <returns></returns> public string AjaxVaild(string user, string pwd, string vcode, string zncode = "", string txtadmincode = "") { user = user.Trim(); pwd = pwd.Trim(); if (getVcount >= 3) { if (!ZoomlaSecurityCenter.VCodeCheck(Request.Form["VCode_hid"], vcode)) { return("验证码不正确"); } } if (SiteConfig.SiteOption.EnableSiteManageCode && (txtadmincode.Trim() != SiteConfig.SiteOption.SiteManageCode)) { getVcount = getVcount + 1; if (getVcount == 3) { return("True"); //刷出验证码 } return("管理码不正确"); } M_AdminInfo info = B_Admin.AuthenticateAdmin(user, pwd); if (info == null || info.AdminId < 1) { getVcount = getVcount + 1; if (getVcount == 3) { return("True"); } else { return("用户名或密码错误!"); } } else { if (info.IsLock) { return("你的帐户被锁定,请与超级管理员联系"); } if (!string.IsNullOrEmpty(SiteConfig.SiteOption.AdminKey)) { byte[] keys = Base32String.Instance.Decode(SiteConfig.SiteOption.AdminKey); PasscodeGenerator pass = new PasscodeGenerator(new HMACSHA1(keys)); if (!pass.VerifyTimeoutCode(zncode)) { return("动态口令不对!"); } } getVcount = 0;//清空 } return("True"); }
protected void Check_B_Click(object sender, EventArgs e) { byte[] secretBytes = Base32String.Instance.Decode(SiteConfig.SiteOption.AdminKey); PasscodeGenerator pcg = new PasscodeGenerator(new HMACSHA1(secretBytes)); if (!pcg.VerifyTimeoutCode(Code_T.Text)) { function.WriteErrMsg("动态口令不正确!"); } if (Type_Hid.Value.Equals("1")) { ClearAdminKey(); } Code_Img.Visible = true; string imgurl = string.Format("otpauth://totp/{0}?secret={1}", StringHelper.ChineseToPY(Call.SiteName) + "Manage", SiteConfig.SiteOption.AdminKey); Code_Img.ImageUrl = "/Common/Common.ashx?url=" + imgurl; Keys_L.Visible = true; Keys_L.Text = SiteConfig.SiteOption.AdminKey; }
static void Main(string[] args) { Console.Write("Two step verification secret: "); string secret = Console.ReadLine(); //Decode the secret given by Google byte[] secretBytes = Base32String.Instance.Decode(secret); PasscodeGenerator passGenenerator = new PasscodeGenerator(new HMACSHA1(secretBytes)); string timeoutCode = passGenenerator.GenerateTimeoutCode(); if (!passGenenerator.VerifyTimeoutCode(timeoutCode)) { Console.WriteLine("Timeout code couldn't be verified!"); } else { Console.WriteLine("Timeout code: {0}", timeoutCode); } Console.ReadLine(); }