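/// <summary>
/// Checks the supplied user name and password and, when they are accepted, sends a
/// one-time passcode to the user's registered phone number by SMS.
/// </summary>
/// <param name="login">User name and password submitted by the caller.</param>
/// <returns>
/// 400 when the model is invalid or the user has no phone number on record,
/// 404 when the credentials are rejected or the user cannot be loaded,
/// 200 with an empty body once the message has been handed to the SMS service.
/// </returns>
public async Task<IHttpActionResult> GetOtp(LoginModel login)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (!_userManager.ValidateCredentials(login.UserName, login.Password))
    {
        return NotFound();
    }

    var user = _userManager.GetUser(login.UserName);
    if (user == null)
    {
        // Same status as rejected credentials, so the response does not reveal
        // which of the two checks failed.
        return NotFound();
    }

    // Check the delivery channel first so no passcode is derived when it cannot be sent.
    if (string.IsNullOrEmpty(user.VoiceTelephoneNumber))
    {
        ModelState.AddModelError("PhoneNumber", "user's Phone number is not available");
        return BadRequest(ModelState);
    }

    // NOTE(review): index 1 is presumably the current-window code out of a
    // past/current/future list; confirm against TimeSensitivePassCode.GetListOfOtPs.
    var code = TimeSensitivePassCode.GetListOfOtPs(PskService.GetPsk(user.EmployeeId).Psk)[1];

    await new SmsService().SendAsync(new IdentityMessage
    {
        Body = $"Your Pin Is:\n {code}",
        Destination = user.VoiceTelephoneNumber
    });

    // The passcode is deliberately NOT returned in the response. It is the second
    // factor and must reach the user only through the phone; echoing it to the
    // HTTP caller would let anyone holding the password complete the OTP step
    // without the phone.
    return Ok();
}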
/// <summary>
/// Reports whether the request carries a one-time passcode header whose first value
/// matches one of the passcodes generated for <paramref name="key"/>.
/// </summary>
/// <param name="request">Incoming request whose headers are inspected.</param>
/// <param name="key">Key handed to <c>TimeSensitivePassCode.GetListOfOtPs</c>.</param>
/// <returns>
/// <c>true</c> when the header is present, non-blank and equal to one of the generated
/// passcodes; otherwise <c>false</c>.
/// </returns>
public static bool HasValidTotp(this HttpRequestMessage request, string key)
{
    if (!request.Headers.Contains(OTP_HEADER))
    {
        return false;
    }

    // Only the first value is considered when the header is repeated.
    string submitted = request.Headers.GetValues(OTP_HEADER).First();
    if (string.IsNullOrWhiteSpace(submitted))
    {
        return false;
    }

    // The submitted passcode is accepted if it matches the past, current or future
    // passcode, which tolerates clock drift between client and server.
    // NOTE(review): Equals is an ordinary comparison and Any stops at the first match,
    // so the check is not constant-time. Nothing in this method limits attempts or
    // rejects a passcode that was already used; confirm the caller or an upstream
    // filter covers both.
    return TimeSensitivePassCode.GetListOfOtPs(key).Any(candidate => candidate.Equals(submitted));
}
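/// <summary>
/// Checks the supplied user name and password and then reports whether the submitted
/// one-time passcode matches one of the passcodes currently valid for that user.
/// </summary>
/// <param name="login">User name, password and passcode submitted by the caller.</param>
/// <returns>
/// 400 when the model is invalid, 404 when the credentials are rejected or the user
/// cannot be loaded, otherwise 200 with <c>{ state = true|false }</c>.
/// </returns>
public async Task<IHttpActionResult> VerifyOtp(VerifyOtpModel login)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // ValidateCredentials is synchronous; Task.FromResult keeps an await in this async method.
    var valid = await Task.FromResult(_userManager.ValidateCredentials(login.UserName, login.Password));
    if (!valid)
    {
        // The result used to be computed and then ignored, which let a caller who knew
        // only a user name test passcodes. Rejected credentials now stop here, with the
        // same status GetOtp returns for them.
        return NotFound();
    }

    var user = _userManager.GetUser(login.UserName);
    if (user == null)
    {
        return NotFound();
    }

    // NOTE(review): no attempt limiting or used-code tracking is visible in this
    // method; confirm it is enforced elsewhere, since the passcode space is small.
    var state = TimeSensitivePassCode
        .GetListOfOtPs(PskService.GetPsk(user.EmployeeId).Psk)
        .Any(c => c.Equals(login.Code));

    return Ok(new { state = state });
}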