C#•2w ago

how to verify me One Time Password? (i'm making login logic)

User needs to insert Name , Email and then One time password which will be sent on his Email . how to make this one time password verification logic? any ideas? (probably i will use this Email sender for many purposes , Email confirmation and etc.) thats what my sender looks like :

internal class EmailSender : IEmailSender
{
    private readonly EmailSenderOptions _options;

    public EmailSender(IOptions<EmailSenderOptions> options)
    {
        _options = options.Value;
    }

    public async Task SendEmailAsync(string email, string subject, string message)
    {
        // Create the email message
        var emailMessage = new MimeMessage();

        // From address
        emailMessage.From.Add(new MailboxAddress(
            _options.SenderName,
            _options.SenderAddress));

        // To address
        emailMessage.To.Add(MailboxAddress.Parse(email));

        emailMessage.Subject = subject;
        emailMessage.Body = new TextPart("plain")
        {
            Text = message
        };

        // Send email using Gmail's SMTP server
        using var client = new MailKit.Net.Smtp.SmtpClient();

        // For development only. In production, you should properly handle certificate validation.
        client.ServerCertificateValidationCallback = (s, c, h, e) => true;

        var host = _options.SmtpServer;
        var port = _options.Port;
        var username = _options.UserName;
        var password = _options.Password;

        // Connect to the SMTP server using STARTTLS on port 587
        await client.ConnectAsync(host, port, SecureSocketOptions.StartTls);

        // Authenticate using your Gmail credentials

        await client.AuthenticateAsync(username, password);

        // Send the email
        await client.SendAsync(emailMessage);

        // Disconnect from the SMTP server
        await client.DisconnectAsync(true);
    }
}

internal class EmailSender : IEmailSender
{
    private readonly EmailSenderOptions _options;

    public EmailSender(IOptions<EmailSenderOptions> options)
    {
        _options = options.Value;
    }

    public async Task SendEmailAsync(string email, string subject, string message)
    {
        // Create the email message
        var emailMessage = new MimeMessage();

        // From address
        emailMessage.From.Add(new MailboxAddress(
            _options.SenderName,
            _options.SenderAddress));

        // To address
        emailMessage.To.Add(MailboxAddress.Parse(email));

        emailMessage.Subject = subject;
        emailMessage.Body = new TextPart("plain")
        {
            Text = message
        };

        // Send email using Gmail's SMTP server
        using var client = new MailKit.Net.Smtp.SmtpClient();

        // For development only. In production, you should properly handle certificate validation.
        client.ServerCertificateValidationCallback = (s, c, h, e) => true;

        var host = _options.SmtpServer;
        var port = _options.Port;
        var username = _options.UserName;
        var password = _options.Password;

        // Connect to the SMTP server using STARTTLS on port 587
        await client.ConnectAsync(host, port, SecureSocketOptions.StartTls);

        // Authenticate using your Gmail credentials

        await client.AuthenticateAsync(username, password);

        // Send the email
        await client.SendAsync(emailMessage);

        // Disconnect from the SMTP server
        await client.DisconnectAsync(true);
    }
}

6 Replies

Cracker•2w ago

What do you do after validating the email ?

ВВассралманOP•2w ago

i'll mark it like approved email (i'll do that in future) and then make logic which needs approved email (Like email password restoring and smth like that) my main task for now is to find good way how to store and validate one time password , i can store it in database or user cache , like IMemoryCache) (any tip will help cuz i'm lowskill rn)

Cracker•2w ago

If you have more than one instance of server where you backend is running then MemoryCache is not correct choice Redis can be used in that case. And the verification email should be shortlived as well If it's long time (more than 8hrs maybe) then I would use database

ВВассралманOP•2w ago

it's small asp.net + blazor wasm project one time password lifetime is few minutes

Cracker•2w ago

Okay if it's one instance then in-memory is fine

ВВассралманOP•2w ago

thanks

Gaming

Programming

how to verify me One Time Password? (i'm making login logic)

Did you find this page helpful?