One time Password的使用方法C#版本
在微云中我的电脑→D盘→第三方学习资料→otp_z201_csharp
使用步骤
一、要先将ET_OTPVerify.dll拷贝到网页服务器系统目录下,一般为C:\windows\system32目录。
实例代码如下:
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using Eazytec.Common;
using Eazytec.BLL;
using Eazytec.Model;
using System.Runtime.InteropServices;
using Eazytec.DBUtility;
namespace Eazytec.web
{
public partial class login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
}
}
//请将ET_OTPVerify.dll拷贝到SYSTEM32目录,方便调用。
[DllImport("ET_OTPVerify.dll")]
public static extern int ET_CheckPwdz201(string authkey, UInt64 t, UInt64 t0, uint x, int drift, int authwnd, UInt64 lastsucc, string otp, int otplen, ref UInt64 currsucc, ref int currdft);
[DllImport("ET_OTPVerify.dll")]
public static extern int ET_Syncz201(string authkey, UInt64 t, UInt64 t0, uint x, int drift, int syncwnd, UInt64 lastsucc, string otp1, int otp1len, string otp2, int otp2len, ref UInt64 currsucc, ref int currdft);
int test_auth(string otpkey, string otp)
{
string sql = "select * from dbo.OTPTab where OTPNo =(select OTPNo from dbo.TUsers where UserName='" + txtUserName.Text + "') ";
DataTable dt = SqlHelper.ExecuteDataSet(sql);
UInt64 currsucc1=0;
int currdft1=0;
if (dt.Rows.Count > 0)
{
currsucc1 = Convert.ToUInt64(dt.Rows[0]["currsucc"]);
currdft1 = Convert.ToInt32(dt.Rows[0]["currdft"]);
}
int iRet = 0;
sql = "select authkey from dbo.OTPTab where OTPNo =(select OTPNo from dbo.TUsers where UserName='" + txtUserName.Text + "') ";
string authkey = SqlHelper.ExecuScale2(sql).ToString(); //令牌密钥,应从服务器端的数据库中检索得到。此处为了方便测试,直接从客户端获取。
UInt64 currsucc=0;
int currdft=0;
if (dt.Rows.Count > 0)
{
currsucc = Convert.ToUInt64(dt.Rows[0]["currsucc"]);
currdft = Convert.ToInt32(dt.Rows[0]["currdft"]);
}
TimeSpan tsTimeSpan = DateTime.UtcNow - new DateTime(1970, 1, 1);
ulong ulgTimeStamp = (ulong)tsTimeSpan.TotalSeconds;
iRet = ET_CheckPwdz201(authkey, ulgTimeStamp, 0, 60, currdft1, 40, currsucc1, otp, 6, ref currsucc, ref currdft);
if (iRet == 0)
{
//Message.Text += "<br>认证成功!";
currsucc1 = currsucc; //认证成功后应将“成功值”写回数据库,供接口调用。失败不要写回数据库。
currdft1 = currdft; //认证成功后应将“漂移值”写回数据库,供接口调用。失败不要写回数据库。
sql = "update dbo.OTPTab set currsucc='" + currsucc1 + "',currdft='" + currdft1 + "' where OTPNo=(select OTPNo from dbo.TUsers where UserName='" + txtUserName.Text + "')";
//Message.Text += "<br> otp: " + otp;
//Message.Text += "<br> currsucc: " + currsucc;
// Message.Text += "<br> currdft: " + currdft;
}
else
{
//Message.Text = "认证失败!";
}
return iRet;
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
string userName = txtUserName.Text.Trim();
string userPwd = txtUserPwd.Text.Trim();
string code = txtCode.Text.Trim();
if (userName.Equals("") || userPwd.Equals(""))
{
lblTip.Visible = true;
lblTip.Text = "请输入用户名或密码";
return;
}
string demoType = "auth";
if (demoType == "auth")
{
string otpkey = Request.Form["otpkey"];
string otp = TextBox1.Text;
//Message.Text = "otpkey: " + otpkey + "<br>";
int Result = test_auth(otpkey, otp);
if (Result == 0)
{
// Message.Text += "<br> Congratulations! Authenticate OK!";
}
else
{
lblTip.Visible = true;
lblTip.Text = "动态密码不正确,请核实";
return; // Message.Text += "<br>Sorry ,maybe your password is not correct! " + "<br>ErrorCode: " + Result;
}
}
//if (code.Equals(""))
//{
// lblTip.Visible = true;
// lblTip.Text = "请输入验证码";
// return;
//}
//if (Session[DTKeys.SESSION_CODE] == null)
//{
// lblTip.Visible = true;
// lblTip.Text = "系统找不到验证码";
// return;
//}
//if (code.ToLower() != Session[DTKeys.SESSION_CODE].ToString().ToLower())
//{
// lblTip.Visible = true;
// lblTip.Text = "验证码输入不正确";
// return;
//}
TUsersbl tus = new TUsersbl();
int result = tus.GetAllUsersbynameandpsw(userName, userPwd);
if (result == 0)
{
lblTip.Visible = true;
lblTip.Text = "用户名或密码有误";
return;
}
else
{
TUsers user = tus.GetAllUsersbynameandpswto(userName, userPwd);
Session[DTKeys.SESSION_USERS_INFO] = user;
Session.Timeout = 45;
}
//写入登录日志
//写入Cookies
Response.Redirect("qxsz/index.html");
return;
}
}
}