OTP Generator
OTP (One Time Password) Send it from any SMS Service, and how it is used.
What is OTP?
A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single transaction or login session.
Why to use OTP?
An OTP is more secure than a static password, especially a user-created password, which can be weak or reused across multiple accounts.
OTPs may replace authentication login information or may be used in addition to it to add another layer of security.
[HttpPost]
public JsonResult SendOTP(string number)
{
var status = "fail";
if (number != "")
{
status = "Invalid";
if (number.Length == 10)
{
string otpValue = new Random().Next(100000, 999999).ToString();
try
{
/// Sms Sending Code.
var messageAPI = new MessageAPI();
string smsBody = "Your OTP Number is " + otpValue
+ " ( Sent By : XT)";
//SMS Service Logic//
string smsResult = messageAPI.SendSmsViaNewAPI(smsBody,
number);
status = smsResult;
Otp createOtp = new Otp()
{
PhoneNo = number,
OtpValue = otpValue,
CreatedDate = DateTime.Now,
ExpiryDate = DateTime.Now.AddMinutes(10),
IsVerify = 0
};
otpManager.InsertOtp(createOtp);
return Json(status, JsonRequestBehavior.AllowGet);
}
catch (Exception e)
{
throw (e);
}
}
}
return Json(status, JsonRequestBehavior.AllowGet);
}
Why I wrote this article?
To describe how the one-time password works in a simple way and How you can use it in your application.
For sending the OTP, We can create a post method, which will have the Phone Number as input and the OTP will be sending to that 10-digit mobile number in form of a text SMS.
This Above Code will send the OTP to Mobile Number.
Now How to Verify the OTP? Which the user will enter what has been received in the SMS.
For that We need a Verify or Validating OTP Method ,Which will check the Enter OTP is correct or not.
[HttpPost]
public JsonResult VerifyOTP(string otp)
{
bool result = false;
//Code to Verify the OTP
var resultData = otpManager.VerifyOtp(otp);
if (resultData != null && resultData.Tables[0] != null && resultData.Tables[0].Rows.Count > 0)
{
result = true;
// Code to Update that the OTP which is entered is used.
otpManager.UpdateVerifyOtp(otp);
}
return Json(result, JsonRequestBehavior.AllowGet);
}
The above code will verify the OTP.